What do people have to do with cybersecurity? In a word, everything. Reports consistently cite over 90% of cyber attack exploits target humans over system vulnerabilities. As stated by one of the world’s most notorious hackers, Kevin Mitnick (now Chief Hacking Officer at KnowBe4), it is easier to get someone to “reveal” something than it is to “hack” into their system. In its 2019 Human Factor report in September, cybersecurity firm Proofpoint corroborates that malicious actors rely on human interaction rather than automated exploits to install malware, initiate fraudulent transactions, steal data, and engage in other malicious activities. And despite our increased use of other near instant communication mediums such as text, and applications like Snapchat, WhatsApp, Slack and more, email remains the leading human attack vector. As such, this week’s National Cyber Security Alliance’s NCSAM blog posts offer resources for organizations to immediately use to help protect their people from social engineering based cyber threats, including phishing emails. Security awareness is not just a compliance box to check and NCSAM is not a one-month-a-year cybersecurity diet, they are about lifestyle changes to incorporate cyber healthy choices. Like Weight Watchers, effective security awareness needs to include on-going education, encouragement, and a lot of accountability to affect positive change for life and the security of your organization. To help organizations implement effective awareness training, NCSAM is promoting Proofpoint’s free security awareness training materials this week. Read more at the StaySafeOnline Blog
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!