You start a business. You grow your company from an idea to a fully functioning and profitable entity. With success comes clients and, as with most companies, you store personal information either to be used in marketing or from a purchase. As a result, you hold the keys to many of the things that your customers value and treasure in their lives and it is now your responsibility to protect their personal information. Additionally, your company has a myriad of confidential and private information internally that needs to be protected. (By Ryan Bradley, Forbes)
Social engineering small businesses is a favorite of attackers and it is often under-reported in the media. Additionally, it may be easy to fall into the trap of believing your organization is too small to be a target when there are much larger companies with bigger bottom-lines. However, the attacker is looking for the lowest hanging fruit, not necessarily the most lucrative. There are still lots of social engineering techniques that work effectively against small and mid-sized businesses. Attacks on this size of organization are on the rise and they can be very devastating. (By Chris Hadnagy, Social-Engineer)
In immensely networked systems, organizations cannot protect confidentiality, integrity and availability of data without implementing an effective and reliable security training program. According to a Kaspersky Lab report, more than 46 percent of cybersecurity incidents are due to human error and enterprises suffer multimillion-dollar losses recovering from staff-related disasters. For example, uninformed workers can harm a secure network by responding to phishing emails, visiting web pages infected with a malware program or storing their confidential information in an insecure storage location. (By Fakhar Imam, InfoSec)
Printers may be the last thing on your mind, but they're a vulnerable point of entry. (By Kevin Pickhardt, Entrepreneur)
As offices and businesses around the world transition to mere mobile employee “pit stops,” the need for mobile devices at work is rampant. Checking emails from the local coffee shop, having access to MS-Office products in the palm of our hands―our phones are no longer only for making calls, they’ve evolved into our hand-held personal computers. With this, comes the storing of sensitive data so it’s easily available to us―emails, calendars, contact information, passwords, payment data, etc. While these features are great for the traveling or telecommuting employee, it’s also attractive to hackers. (By Lindsey Donato, Blum Shapiro)