Phishing
Thar She Blows: Mitigating Whaling Risk
CIO recently reported that a variant of spear phishing called whaling has emerged as a major cybersecurity threat. Whaling is a social-engineering scheme that uses the relationship between executives and employees to trick employees into taking an illicit action. An attacker masquerading as an executive bids, and the employee does his or her bidding. Notable…
Knowing Is Half the Battle: Educating Employees about Cybersecurity
The animated GI Joe television series featured public service announcements (PSA) at the end of each episode. After the subjects of the PSA learned an important life lesson, such as not talking to strangers, they would say: “Now I know,” to which one of the GI Joes would reply: “And knowing is half the battle!”…
Keep Your Friends Close, Your Insiders Closer…
No organization is immune from a data breach. The fact is, your organization probably already has been breached. A new survey from the CyberEdge Group and NetIQ shows you just where IT teams are finding the security vulnerabilities that can lead to breaches and audit findings. The good news is it’s not hard to find…
Corrective Controls for Identity and Access Management
While the hackers in movies continue to use brute-force methods to breach security, fingers flying on keyboards as firewalls fall, real attackers today prefer the subtler method of hijacking insider credentials. Frankly, it’s far easier to figure out a user’s password or get them to click a link in a phishing email. To reduce the…