The Weak Link In Security
Often times when a company looks into becoming more secure / enhance security, they typically look to add devices, software or settings in place to help defend their network. It’s hard to convince them that the weak links in there network is the employees on them. Convincing employers about the importance of user awareness is an ongoing struggle for tech professionals.
In the world of Information Security, we like to think that all the firewalls, antivirus and security settings we put in place keep us safe. Last year in 2015 there was an estimated 781 reports of data breaches. These breaches only account for one spectrum of breaches identity theft. The loss of one’s identity is one of the highest levels of security breach a company can suffer. This does not include the loss of credit card or personal information. The likelihood of a breach involving 10,000 or more stolen records over the next 24 months is estimated to be at around 26 percent. Without a doubt the majority of these businesses and companies had protection in place to stop this from happening.
Why does this keep happening?
The question many people ask is why this keeps happening with protection in place. The reality is that it’s increasingly difficult for security professionals to keep up with the dedicated hackers. We are constantly playing a never ending war always on the defense. We also tend to be less vigilant when we have protection in place. This creates a dangerous scenario for security professionals and companies alike.
Much like defending a castle you can only defend against attacks for so long before they find a way in. At that point all you can do is patch up any holes in your defense and hope for the best moving forward. The act of securing networks focuses on defending against attacks and reacting there is little that can be done to strike back.
Breaking into your defenses is made even easier when you factor in internal users as well. We tend to be lazy when it comes down to us taking part in the security of our network. You might use the same passwords for every one of our accounts. We share our passwords with everyone in the office, we might not run scans as often as we should or ask all the questions we should to people who visit our office. All of these things lower the security of your network. It only takes one incident for you to become a network vulnerability.
Weeding out the weak links
Running frequent vulnerability assessments and penetration testing for your company is a great way to weed out weak links. Cyber Protection Group checks for weakness in your network in everything from your firewall to your employees. The amount of information that your employees may be giving out with out your knowing can cause massive security breaches for your business. Adding defenses to your system is pointless if your company cannot keep its information from leaking out through employees.