Why Effective Computer Security Means Covering All Your Bases

[InfoSec News <alerts () infosecnews org>]

http://www.eweek.com/security/effective-computer-security-means-covering-all-your-bases.html

By David Needle
eWEEK.com
2015-01-15

PALO ALTO, Calif. — How safe is your company from malware attacks and 
security breaches? As the technology and methods behind cyber-attacks are 
constantly evolving, it's virtually impossible for any company to 
accurately say it's completely safe, but there are steps you can take to 
minimize threats.

Ganesh Krishnan, who runs security at the popular job site and social 
network LinkedIn, shared some of the lessons he's learned over a 20-year 
career in security, including stints at Intel and Yahoo. His "tech talk" 
was part of a meet-up here this week at online payments firm WePay.

The first point he emphasized is that security teams are by definition 
outnumbered.  "There are a lot more hackers than security people. Security 
has to be everyone's responsibility," he said.

This maxim extends to both technical and non-technical employees, as both 
are needed to help defend against a growing range of threats including 
so-called phishing attacks. Phishers use social engineering, email and 
social media to gain access to corporate networks. For example, a phisher 
might contact a relatively low-level employee under false pretense (e.g., 
pretending to be an authorized outside contractor), guess the employee's 
password and get into the network.

[...]

--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/