Security Should Be Baked-In, Not Sprayed-On
 
Skunk spraying on fox.jpg
 
 

The hard truth doesn’t smell good.

Have you ever heard the term that employees are the weakest links in the security of the organization? If you don’t know, this statement is completely true. 

Humans are the Weakest Link in Computer Security.

No one person or organization is resistant to making error’s. In sports and business we even measure for error rates. Making a mistake will happen and it will take only one forgotten step or an incorrect click to bring down your web site, your application, your data, your service or worse. As technologies are mounting hackers are setting digital traps ubiquitously to profit from the employee’s one mistake. According Kevin Mitnick, the worlds former most wanted hacker, it’s not a matter of will I be hacked, but when.

If your firm is like most, you are spending a lot of your budget on security: to protect your organization and hopefully you are aware of the facts. Spending on products is useful if your workers are attentive about the latest cyber security trends. The expert’s help you understand where your weaknesses are and help sort out the projected mess when something goes awry. This approach can work, but it is not enough. It still does not protect you from yourself/organization. 

The risk of cybercrime has created a noteworthy increase in concern on the matter of cybersecurity and organizations are spending at times a great deal of money to shield themselves against this growing concern of present and future threats. Unfortunately, they frequently forget the menace exposure created by their own employees and customers.

Today’s business leaders often don’t realize the biggest threat is the human element. One has to look not much further than the daily news and what is often the top story? A data breach -  Someone’s data was stolen. This time you are safe, it wasn’t you. Are you ready for when it is you?

It’s safe to say we work in a risky world connected to risky people. But there’s mounting proof cybercriminals aren’t the only nor biggest risk to any person, organization or enterprise. Knowing this, it is imperative you educate yourself and your staff about IT security and things like the increasingly complicated phishing and vishing techniques.

If you really want to protect yourself, look to implement a standard and systematic education and cyber training sessions for you and your staff to keep everyone current on the most up-to-date threats and best practices so they can provide everyone they effect with better security.

If you have ever participated in/with or read the results from a Red Team, you learned that the #1 vulnerability was the human element. 

https://www.kratikal.com/blog/author/anita/

10 Reasons Why Social Engineering Wins Every Time

YouTube video: 10 Reasons Social Engineering Wins Every Time: Security should be baked-in, not sprayed-on. 

1.      The Digger - Mining your data

2.      The Bad Guy – Stealing your data – Ransomware

3.      Fed/State/Local – Taking and paying for your data

4.      The Magician – Hackers Rule the Digital World – Pay Respect White, Black & Gray Hats

5.      The Good Convict (Gray Hat) – myself - Kevin Mitnick – Teaching You Security

6.      Your Employer – Watches Everything - Not every company hires the A, B or C level security person

7.      The Shoulder Surfer – Physically anyone in the real world (Plus the CCTV Hacker)

8.      Your Friends – Your friends are almost the worst – especially social media

9.      Your Family – Is very well the worst

10.  You – are not in control

 

What do you mean I’m not in control

 


The toughest information challenges are the ones you think are true and they are not.

https://www.youtube.com/watch?v=lvNemxRsQSM

  

It’s a long hard road to the top and advanced fighters throw fakes


They want much more than your password – they want your data

 There are a lot of maybes to get to your data (Variables)

 

Which leaves you very vulnerable.

 and is why need on a Cost vs Risk Analysis based on your product/delivery.

 How do you measure for success

https://hbr.org/2014/02/what-does-success-mean-to-you

If you are intersected in being more innovative at work, bring on more success and not have someone steal your idea(s), let’s have the adult conversation.  It’s not if you will be hacked, but when…. If you haven’t been hacked already.

Give me a call because I can help stop the bleeding.

Have an awesome day!

 
 
Max Justice