Cybersecurity Dragnet

Analysts from the far reaches of the cybersecurity empire remind us of the many challenges we face daily, and some of these will no doubt wreak havoc in 2015 because the threat evolves rapidly to exploit weaknesses we don’t even know exist yet. Other, more predictable threats use proven strategies to exploit known weak links in our organizations. Human links. These are a couple of their stories.

Engineered to be Social

Vic, the new guy in sales, is a machine. He works the conference floor like a trained assassin, wielding business cards with precision as he gathers contacts and SWAG with a discriminating palate. Returning to the office, he deploys the bling to his advantage, sprinkling the bling among his support staff, including the assortment of cleverly-branded thumb drives, one of which has malware buried deep in the root code. They never realized their thumbs were ill-placed.

Madge has worked in accounting forever, and her cupcakes are always a hit at office parties. She scours the internet looking for innovative recipes and presentations, and she even curates a social media presence for other cupcake aficionados, mostly on her own time and home computer, though occasionally she would email links to her work email address so she could share upcoming party ideas with colleagues. She would later recall several links that didn’t upload correctly, but she had no idea they contained a bug that collapsed the organization’s entire soufflé.

Let’s Be Careful Out There

Your staff is often your biggest threat. ICS uses white knight hackers to test the penetration vulnerability of your network, digital and human. With the New Year’s hangovers and bowl games and resolutions come a litany of goals and expectations, personal and professional. Let ICS help you usher in a safe and secure 2015.

ISO 9001 2015Technology Industry InnovatorsVeteran Owned Small BusinessCMMI Maturity Level 3CISSP® - Certified Information Systems Security ProfessionalCertified Penetration TesterITIL IT Service ManagementCertified Ethical HackerProject Management Institute CertifiedUS Department of Homeland SecurityDisaster Recovery Institute CertifiedCertified Information Systems Auditor