Access your Pro+ Content below.
Attack security literacy with brute force
This article is part of the Information Security magazine issue of September 2013 Volume 15 / No. 7
Most organizations spend thousands of dollars on the latest technology to heighten security and yet overlook one of the lowest cost options available -- increasing security literacy in its employees. The ancient Chinese proverb is true: "Give a man a fish and you feed him for a day. Teach a man to fish and you feed him for a lifetime." And, we don't mean create an enterprise security awareness program with catchy slogans and no real security education. Teach employees why security is important and show them how hackers use vulnerabilities, created by human carelessness, to attack enterprise networks and computer systems. Too many times, organizations treat employees as if they can't comprehend the security threats that we try to protect them from technologically. End users love to download software for their PCs and applications for their personal devices to help them with their work or provide some personal enjoyment. Unfortunately, many of them don't ever consider the possibilities of backdoors, spyware, ransomware or botnets ...
Access this PRO+ Content for Free!
Features in this issue
Modern firewalls offer greater application awareness and user controls. Protect your migration strategy with these tips from the pros.
This month's special online multimedia supplement to Information Security magazine details the advanced new features of next-generation firewalls and how to make the most of them.
While poaching security talent may plug short-term gaps, outreach and education will solve the long-term shortfall in IT security professionals.
Global risk management based on the lowest common denominator may not ‘comply' with IP or trade secrets. Analysts see big changes ahead.
Columns in this issue
Analysts expect security concerns to drive global risk management, but executives may need convincing.
Not down with Dropbox? Lee Heath embraced shadow IT and improved his company's data security practices in the process.
Forget the slogans. Reset your security awareness program with actionable information.