[BreachExchange] User error: Employee missteps cause most data breaches

Audrey McNeil audrey at riskbasedsecurity.com
Thu Dec 1 19:21:52 EST 2016


http://wcfcourier.com/user-error-employee-missteps-cause-most-data-breaches/article_1fe1a9e1-8c76-5c1b-bbfe-1e058f73cea7.html

The numbers vary depending on which industry or government report you read,
but ultimately, it is agreed that most information security breaches occur
in businesses because an employee did something that allowed the crooks
access. So, what are some of the things we should be looking for to prevent
this alarming trend?

1. Phishing scams

Phishing is a cyber-crime strategy that uses emails to trick people into
taking an action that triggers a cyber-attack. Phishing has become much
more strategic in recent years and is often very difficult to recognize.
Hopefully by now, everyone knows not to send their banking information to
someone claiming to have selected them randomly to receive a $20 million
bank transfer from a dying prince in Zimbabwe. However, it can be very easy
to click on a link in an email that appears to be from someone you know and
trust.

2. Passwords

Passwords continue to be a major challenge in preventing cyber-crime. With
monumental information breaches at Yahoo and LinkedIn making headlines
recently, the need for complex passwords, frequent password changes and
different passwords for different logins is critical. While I could write an
entire article about passwords, I’ll attempt to summarize the challenges
created by not having a password policy in place in your business.

A password that is too simple can be easily stolen through what is called a
“brute-force attack.” This strategy uses software that tries candidate
passwords automatically, one after another, until one works; the shorter
and simpler the password, the fewer guesses it takes. Anyone can download a
program designed for this type of hacking and make short work of stealing
simple passwords.

Using the same password for multiple logins may make it easier to remember
your login information, but think about what could happen if the password
you use for your bank and credit card accounts is the same as the one
recently stolen from Yahoo or LinkedIn. It wouldn’t take much for someone
to figure out where you bank and access your account.
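The password section above describes three failures a policy should catch: passwords that are too simple to resist brute-force guessing, passwords that already appear in a public breach, and one password reused across several logins. The following Python script, added here as an illustration and not taken from the article, checks all three. The breached-password list and the set of credentials it audits are constructed samples; the length and character-class thresholds are assumptions standing in for whatever an organisation's own policy requires.

```python
import hashlib
import math
import re

# Constructed stand-in for a breached-password list. A real deployment would
# compare against a large public dump (by hash), not this four-entry sample.
BREACHED_SHA1 = {
    hashlib.sha1(p.encode()).hexdigest()
    for p in ("password", "123456", "qwerty", "letmein")
}
MIN_LENGTH = 12      # assumed policy minimum
MIN_CLASSES = 3      # assumed minimum number of character classes

# Character classes and the alphabet size each one adds to a brute-force search.
CLASSES = {
    "lower": (r"[a-z]", 26),
    "upper": (r"[A-Z]", 26),
    "digit": (r"[0-9]", 10),
    "symbol": (r"[^A-Za-z0-9]", 33),
}


def classes_used(password):
    """Names of the character classes the password draws from."""
    return {name for name, (pattern, _) in CLASSES.items() if re.search(pattern, password)}


def keyspace_bits(password):
    """Estimate, in bits, of the brute-force search space implied by the
    password's length and the character classes it uses. Small numbers mean
    the guessing software described in the article finishes quickly."""
    used = classes_used(password)
    if not used:
        return 0.0
    alphabet = sum(CLASSES[name][1] for name in used)
    return len(password) * math.log2(alphabet)


def check_password(password, breached_sha1=BREACHED_SHA1):
    """Return the list of policy violations; an empty list means acceptable."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if len(classes_used(password)) < MIN_CLASSES:
        problems.append(f"uses fewer than {MIN_CLASSES} character classes")
    if hashlib.sha1(password.encode()).hexdigest() in breached_sha1:
        problems.append("appears in a known breach list")
    return problems


def find_reuse(credentials):
    """credentials: mapping of login name -> password, as a password-manager
    audit would see them (constructed input). Returns the groups of logins
    that share a single password, which is the reuse the article warns about."""
    by_password = {}
    for login, password in credentials.items():
        by_password.setdefault(password, []).append(login)
    return sorted(sorted(group) for group in by_password.values() if len(group) > 1)


if __name__ == "__main__":
    for candidate in ("password", "Correct-Horse-Battery-9"):
        print(candidate, round(keyspace_bits(candidate), 1), "bits", check_password(candidate))
    print(find_reuse({"bank": "SamePass!2016", "mail": "SamePass!2016", "work": "Different#1"}))
```

The breach check compares hashes rather than plaintext so the list itself never has to hold readable passwords, and the reuse audit is the kind of report a password manager produces: it only needs to see each login's password once, at audit time, and never stores anything.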

3. Lost or stolen devices

A lost or stolen device falling into the hands of a cyber-criminal can
quickly result in major damage to your business. Let’s say you misplace
your phone and someone with bad intentions finds it. While you may think
there isn’t anything valuable on your phone since nothing is stored on it
besides your personal photos, etc., think again. Your phone can allow the
criminal to act as you with access to texting, email and stored login
information to social media websites. Anyone who has your phone can
instantly become “you” in these forums.

4. Privilege abuse/vendor or employee theft

Nobody wants to suspect their employees or vendors of wrongdoing or
malicious intent, but the fact is this cause of information theft continues
to appear on every cyber-security report published. Internal theft can
often be disguised by those with higher-level network privileges, which
makes detection elusive and the crime difficult to prove. Security experts
often recommend a SIEM solution to guard against this. SIEM (security
information and event management) is technology that tracks user logins and
behavior to quickly determine who did what and when. It also recognizes
trends and unusual behavior in logins. This information is usually critical
to solving the case of an “inside job.”
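To make the SIEM description concrete, here is a small Python script, added as an illustration and not taken from the article or from any SIEM product, that does on a handful of events what such a system does at scale: it learns each user's usual source addresses and login hours from a training period, then flags later logins that break that pattern and bursts of file reads that look like bulk collection. The log lines, the user names, the cutoff date and the burst threshold are all constructed for the example.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample of key=value audit events, standing in for the login and
# file-access records a SIEM would collect. Not real log data.
LOG_LINES = """\
2016-11-28T09:02:11 host=fileserver user=jdoe src=10.0.1.20 action=login result=success
2016-11-28T09:05:43 host=fileserver user=jdoe src=10.0.1.20 action=read path=/finance/q4.xlsx
2016-11-28T17:31:09 host=fileserver user=jdoe src=10.0.1.20 action=logout
2016-11-29T08:58:02 host=fileserver user=jdoe src=10.0.1.20 action=login result=success
2016-11-29T14:12:55 host=fileserver user=jdoe src=10.0.1.20 action=read path=/finance/budget.xlsx
2016-11-29T09:15:00 host=fileserver user=asmith src=10.0.1.31 action=login result=success
2016-11-30T22:47:15 host=fileserver user=jdoe src=10.0.9.77 action=login result=success
2016-11-30T22:48:03 host=fileserver user=jdoe src=10.0.9.77 action=read path=/hr/payroll.csv
2016-11-30T22:49:30 host=fileserver user=jdoe src=10.0.9.77 action=read path=/hr/salaries.csv
2016-11-30T22:50:12 host=fileserver user=jdoe src=10.0.9.77 action=read path=/hr/bonuses.csv
2016-11-30T22:51:40 host=fileserver user=jdoe src=10.0.9.77 action=read path=/hr/reviews.csv
2016-11-30T22:52:10 host=fileserver user=jdoe src=10.0.9.77 action=read path=/hr/contracts.csv
2016-12-01T09:03:27 host=fileserver user=asmith src=10.0.1.31 action=login result=success
2016-12-01T09:04:10 host=fileserver user=asmith src=10.0.1.31 action=read path=/sales/leads.csv
"""

BASELINE_CUTOFF = datetime(2016, 11, 30)  # assumed: events before this train the baseline
READ_BURST = 5                             # assumed: reads per window that count as unusual
WINDOW = timedelta(minutes=10)


def parse_line(line):
    """Turn one 'timestamp key=value ...' line into a dict with a datetime."""
    ts, *pairs = line.split()
    event = dict(pair.split("=", 1) for pair in pairs)
    event["ts"] = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%S")
    return event


def parse_log(text):
    return [parse_line(line) for line in text.splitlines() if line.strip()]


def build_baseline(events):
    """Per user: the source addresses and login hours seen in the training period.
    This is the 'who normally logs in from where, and when' the SIEM learns."""
    baseline = defaultdict(lambda: {"srcs": set(), "hours": set()})
    for e in events:
        if e["ts"] < BASELINE_CUTOFF and e.get("action") == "login" and e.get("result") == "success":
            baseline[e["user"]]["srcs"].add(e["src"])
            baseline[e["user"]]["hours"].add(e["ts"].hour)
    return baseline


def detect_anomalies(events, baseline):
    """Return (user, timestamp, reason) tuples for post-cutoff events that break
    the user's baseline or form a burst of file reads. Every alert carries the
    user and time, which is the 'who did what and when' an investigation needs."""
    alerts = []
    recent_reads = defaultdict(list)  # user -> timestamps of reads inside WINDOW
    for e in sorted(events, key=lambda ev: ev["ts"]):
        if e["ts"] < BASELINE_CUTOFF:
            continue
        user, ts = e["user"], e["ts"]
        known = baseline.get(user)
        if e.get("action") == "login" and e.get("result") == "success":
            if known is None:
                alerts.append((user, ts, "login by user with no baseline"))
            else:
                if e["src"] not in known["srcs"]:
                    alerts.append((user, ts, f"login from unseen source {e['src']}"))
                if ts.hour not in known["hours"]:
                    alerts.append((user, ts, f"login at unusual hour {ts.hour:02d}"))
        elif e.get("action") == "read":
            recent_reads[user] = [t for t in recent_reads[user] + [ts] if ts - t <= WINDOW]
            if len(recent_reads[user]) == READ_BURST:
                alerts.append((user, ts, f"{READ_BURST} file reads within {WINDOW}"))
    return alerts


if __name__ == "__main__":
    events = parse_log(LOG_LINES)
    for user, ts, reason in detect_anomalies(events, build_baseline(events)):
        print(ts.isoformat(), user, reason)
```

On the constructed data, jdoe's late-night login from an address never seen before, followed by five HR files read in four minutes, produces three alerts, while asmith's ordinary morning session produces none. A real SIEM applies the same two ideas, a per-user baseline and a rate threshold, across far more event sources, and keeps the underlying records so that an alert can be traced back to the exact login and file access it came from.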

5. Improper disposal of information

Most people know computer hard drives can contain information that may be
retrieved even after it has been deleted. Destroying a hard drive that
contains sensitive information is the only way to remove the threat of it
being stolen. However, this means of losing data is not nearly as common as
other methods of information theft, mostly due to the labor involved in
finding something valuable on an old hard drive.

While companies are spending more and more on technology designed to
strengthen their information security, the human factor will always play a
role. Having a professionally designed information security policy in
place, following recommended best practices and providing information
security training for your staff will lead to a more secure environment.
These steps could even lead to lower rates for cyber-security insurance as
they reduce the risk to an insurance provider.