As a direct result of their actions, finding typical “low-hanging fruit” vulnerabilities to breach organisations are becoming much more difficult, expensive, and a noisy attack vector. Instead, attackers are turning to a new organisational attack vector: its people.
Let’s consider how an organisation can put security controls in place around its people, without violating their privacy and productivity.
TRAINING YOUR EMPLOYEES
When it comes to planning an exploit, employees are the path of least resistance to attackers. All it takes is one vulnerable user for a breach to occur. An unaware user is an easy target, and easy targets are ripe for a wide dragnet phishing attack (that is, a phishing attack that covers a large part of the organisation, often with the simple goal of harvesting credentials and valid identities or compromising users’ laptops with malware).
The solution: regular training to establish a baseline of user phishing awareness, along with intermittent employee reminders reinforcing what they’ve learned in training sessions. Training should provide users with examples of phishing attacks, context on how to spot such attacks, and steps to take if they feel they might be the target of a campaign.
Another good practice is to frequently conduct red team engagements to challenge the organisation’s security effectiveness. We’ve discovered that this training can guard against even advanced dragnet campaigns.
Organisations that have a phishing awareness program will often spot the campaign due to user reports and blacklist the source within a matter of hours.
Employees are also likely to broadcast their involvement in phishing awareness programs on their resumes and professional social media network profiles (such as LinkedIn). This is likely to deter an attacker harvesting user information from publicly available resumes and social media pages.
Denne historien er fra November 2019-utgaven av SME Magazine Singapore.
Start din 7-dagers gratis prøveperiode på Magzter GOLD for å få tilgang til tusenvis av utvalgte premiumhistorier og 9000+ magasiner og aviser.
Allerede abonnent ? Logg på
Denne historien er fra November 2019-utgaven av SME Magazine Singapore.
Start din 7-dagers gratis prøveperiode på Magzter GOLD for å få tilgang til tusenvis av utvalgte premiumhistorier og 9000+ magasiner og aviser.
Allerede abonnent? Logg på
Cloud- Driven Recovery
With digital transformation being an important catalyst for Malaysia’s inclusive economic recovery, cloud computing plays an important role that enables . the country to acquire the advantages that technology offers.
Live Werkz: Venturing Beyond Southeast Asia
Being forward-looking in its approach has enabled LiveWerkz Pte Ltd to survive the Covid-19 pandemic, says vice president Tricia Ng. Despite being a Singaporean company, the company does not focus its efforts in the Southeast Asia region. Instead, Greater China and the Middle East become the foundation for its businesses. Ng tells SME the company’s strategies in facing a challenging future.
Singapore's Go Digital Well Received
More than 78,000 of Singapore’s SMEs have participated in the country’s Go Digital programme since its 2017 launch, with more about 40,000 becoming participants last year, including 30,000 that received Covid-19 incentives from the government.
Accountants And SMEs: Creating A Sustainable World
For SME finance professionals, ‘sustainability’ is about achieving longevity. However, there is a confusion over different definitions of sustainability. They recognise the growing importance of tackling sustainability issues but lack the understanding of how doing this can be integrated into day-to-day practices within the finance function.
Rebuilding Our Mental Well-Being In Sales
Sue Barrett is a writer, training provider and entrepreneur who founded Barrett in 1995 to positively transform the culture, capability and continuous learning of leaders, teams and businesses.
Omicron: A Test Of Resilence
Global manufacturers have been facing a supply chain crisis since the start of the year. Just as it appeared that the situation was beginning to stabilise, the Omicron Covid variant reared its ugly head.
Silver Lining In The Cloud
Although RAS Security Pte Ltd’s business was adversely affected by the pandemic, there’s a silver lining in the cloud. The occurrence has necessitated the company to innovate its business model to remain viable and led to the discovery of new areas of security service provision. Managing director Tejdeep Singh shares his journey.
Accelerating Artificial Intelligence
Singapore is introducing two new public artificial intelligence (AI) programmes as part of the strategy to use technology for social and economic good, involving a total allocation of S$680 million to accelerate AI research. The latest initiatives require a funding of S$180 million.
Three Tips For Hiring Top Talents
BIG EGOS LOSE TALENTS First up, when it comes to hiring, you must put aside your ego.
The Economy Is Recovering, But What About People?
All signs are pointing towards a speedy recovery. Contrary to what this writer initially predicted, the economy seems to be genuinely recovering.