Items Tagged with "Security Awareness"
The Day I Was Erased Digitally
August 17, 2012 Added by:Theresa Payton
It’s everyone’s worst night nightmare - everything digital in your life gets wiped out. Your phone, your computer, your tablet, every email address, social network profile. It really does happen, and most of you probably didn’t know that even techies and security experts worry about this happening to them...
Comments (0)
Is a Password Enough? A Closer Look at Authentication
August 16, 2012 Added by:Robert Siciliano
Yahoo and LinkedIn were recently breached and usernames and passwords were stolen. These sites did something wrong that allowed those passwords to get hacked. However passwords themselves are too hackable. If multi-factor authentication was used, then the hacks may be a moot point and the data useless...
Comments (0)
Relating Responsibility and Liability: At the Core of BYOD
August 15, 2012 Added by:Rafal Los
Does it make sense to repurpose "security awareness" to be inclusive of corporate and personal responsibility? Should we have users sign agreements that make them aware they are responsible, personally, when bad things happen as a result of their actions? Should there be HR actions against users who are reckless?
Comments (0)
Not Providing Education is the Dumbest Idea for Infosec
August 14, 2012 Added by:Rebecca Herold
Every year or so, an otherwise smart information security professional publishes some really bad information security advice about how awareness and training is a waste of time and money. Bottom line for all organizations: Humans have always been and will always be the weakest link in security...
Comments (0)
Ask the Experts: Facebook Security for Teenagers
August 14, 2012 Added by:Brent Huston
"Watch the scams and traps that are strewn like land mines throughout the site. Watch the free give-aways, be wary of clicking on pictures and videos and look carefully at any messages that contain links or suggest web sites to visit. Also, be VERY careful about ‘friends’ of friends..."
Comments (0)
Why Effective Awareness Training Matters
August 12, 2012 Added by:Brent Hutfless
Training and education are key elements to securing data. The advances in detection and monitoring solutions have placed more capable tools in the security professional’s toolbox, but APT attacks have grown in sophistication and perseverance – often leading to successful attacks and subsequent data loss...
Comments (2)
Security Information Addict
August 12, 2012 Added by:Scott Thomas
Part of the infosec profession is staying abreast of news and events. You need to know what attacks are going on in order to know how to defend against them. The problem with this is that it consumes all your free time. What you start to realize though, is you become addicted to information overload...
Comments (0)
Teenage Olympics: Pouts, Pot and Piddle
August 12, 2012 Added by:Kelly Colgan
Identity theft is one area where the ignorance of children and their parents can be more costly than a wobbly landing or delayed start off the blocks. It can hamper their ability to secure funding to attend college or buy a car, and to land a job. Children aren’t the only ones who are vulnerable to identity theft...
Comments (1)
Infosec Fill-in-the-Blank: Security BSides Las Vegas Edition
August 08, 2012 Added by:Tripwire Inc
The hardest part about security is...? Security BSides Las Vegas attendees finished the sentence, and Infosec Island‘s Anthony M. Freed caught them on camera. The responses range from insightful to geeky, depressing to funny, and some are harsh, some others pragmatic, but all are quite sage...
Comments (0)
Employee Fired for Spying on Management with RAT
August 08, 2012 Added by:Jeremy Sobeck
An executive discovered that an unauthorized remote access tool (RAT) on his computer. This type of attack requires very little sophistication. The company assumed the worst: confidential files had been stolen, malware had been installed, and the fired employee still had remote access to their systems...
Comments (0)
The Bad Guys Know You’re an Olympics Addict
August 08, 2012 Added by:Kelly Colgan
The emerging theme from these Summer Games: There’s a general lack of awareness among consumers and end users about possible threats when they’re online. Even with corporate security professionals on high alert, it is ultimately end users and consumers who will make the choice that infects the system...
Comments (0)
Simulation Training Reinforces Security, Business Continuity
August 05, 2012 Added by:Stacey Holleran
If your organization were to experience a serious disruption in network connectivity due to a weather event, a fire or a cyber attack, how quickly could it resume business operations? Which people, processes and technologies would be involved in the recovery? How can you be sure nothing has been overlooked?
Comments (0)
On Security Awareness Training
August 05, 2012 Added by:PCI Guru
Security awareness training has its place, but it is not a silver bullet. The world is full of risks and a security professional’s job is to minimize those risks and manage the remaining residual risk. This is why security is done in layers, so that when people make that mistake you minimize the impact...
Comments (0)
Do You Use Foursquare?
August 05, 2012 Added by:Allan Pratt, MBA
If we don’t continue to raise issues about online privacy and security, websites and their companies’ leadership will continue to demand access to our confidential information under the pretense of doing business, or in scarier terms, doing business as usual. One website that causes concern is Foursquare...
Comments (1)
No Infosec Sacred Cows
August 02, 2012 Added by:Dave Shackleford
Most security awareness programs SUCK. I bet the majority of the awareness proselytizers are doing the same old crap with some stupid Web-based Flash thingie that people click through as fast as they can, and a little printout goes in their HR folder. UGH. That doesn’t work, never has, and never will...
Comments (3)
Cyber Criminals Prey on Worried Parents
August 02, 2012 Added by:Theresa Payton
Cyberthieves are trolling the internet for information and with a convincing phone call trying to trick parents out of thousands of dollars. It sounds like this scam would be easy to spot but it’s so scary, so emotional, and happens so often even Western Union employees are trained to ask questions...