In the world of cyber security there is no denying that we are only as strong as our weakest link. The main issue however is trying to predict which link is most likely to make a mistake and leave an organization vulnerable to a potential security breach. This week we saw the conversation focused on identifying which links within the enterprise are most likely to compromise a company’s overall security, what can happen once a breach occurs and what companies can do to stop an attack before it starts.
Employees—Security Friend or Foe?
Much has been made of coordinated and sophisticated malicious attacks by hackers on organizations. But the truth is that often network and data breaches occur because of employee mistakes or willful malfeasance. Don Reisinger examined SailPoint Security’s recent study to show the tremendous impact employees have on corporate security for good or ill. While there were a few data points that were positive, many of the findings pointed to employees as the major area of risk for corporate data security due to a lack of knowledge or a lack of strong corporate security policies.
Millennial Mayhem—Will They be the Death of Data Security?
As the 51 million members of Generation X begin turning 50 this year and start thinking about retirement, Millennials will continue to enter the workforce in droves bringing with them millions of unprotected connected devices. According to Forrester Research Millennials are digitally integrated into the world around them at all times, both personally and professionally. While they are certainly tech-savvy, it turns out they have no interest in protecting their data and place seemingly no value on the integrity and security of their personal identifiable information, let alone the consequences a hack could have on their friends, families, colleagues and employers. With more access to more information than any other generation preceding them Millennials lack of concern has left many security experts scratching their heads.
The Stakes Remain High—RansomWeb
As businesses struggle with finding the weak links in their organization the world of cyber-crime continues to see extortion on the rise. This week saw another startling attack as malicious hackers have started taking over website servers, encrypting the data on them and demanding payment to unlock the files. A large European financial services company, whose name was not disclosed, was the first known victim of this potentially business-destroying attack, according to Swiss security firm High-Tech Bridge, which investigated the breach in December 2014. The security firm labelled the attack RansomWeb. The brazen techniques used and the high ransom represent a more aggressive take on ransomware – malware which encrypted people’s PCs and asked for payment, typically between $100 and £1,000.
Mobile Weakness—Consumers Begin to See the Light
For those of us deep in the cyber security trenches the fact that our mobile devices are a hackers playground is nothing new. But for the general public this is still a relatively novel concept. That’s why were so excited to see the TODAY show shinning the light on just how easy it is for hackers to compromise a mobile device. With the average American spending over an hour every day playing with their cellphones, taking and sharing photos, sending personal text messages and browsing the Web, the show honed in on why cell phone really is the perfect spying device. “You can listen. You can look. You can track location. And you can view every phone call and every text the person makes. Think about all the permissions we give our apps. Facebook Messenger has access to your location, text messages, camera, stored photos and all kinds of other stuff.”
That’s a glimpse at the stories that caught our eye this week, but what was big news for you? We’d love to hear what got you fired up!
The post Cutting Through the Weekly Mobile Security Noise: The Weakest Link appeared first on Zimperium Mobile Security Blog.