PRO+ Premium Content/Information Security

Thank you for joining!
Access your Pro+ Content below.
October 2010

How to build an effective information security awareness program

At the beginning of the 21st century, information security was in a deplorable state. Research published in 2001 by the Honeynet Project demonstrated that the life expectancy of default computer builds was measured in hours, if not minutes. Computers had little if any security. By default, most had multiple services turned on, no firewall installed, and patching was haphazard at best. All of these forces combined to create a golden age of hacking. This was a time when you could remotely scan and hack into literally millions of computers without the need for interaction by the end user. Since then, vendors (led by Microsoft) have worked to build security into computers by deploying firewalls enabled by default, minimizing services, using advanced memory protection, standardized patching processes and other features. As a result, computers are far more secure. The question is, if we have made such dramatic improvements with security technology, why do we still have a security problem? The answer is simple, the human. Consider a ...

Features in this issue

Columns in this issue