Information Security News mailing list archives
Why Effective Computer Security Means Covering All Your Bases
From: InfoSec News <alerts () infosecnews org>
Date: Fri, 16 Jan 2015 10:31:24 +0000 (UTC)
http://www.eweek.com/security/effective-computer-security-means-covering-all-your-bases.html By David Needle eWEEK.com 2015-01-15PALO ALTO, Calif. — How safe is your company from malware attacks and security breaches? As the technology and methods behind cyber-attacks are constantly evolving, it's virtually impossible for any company to accurately say it's completely safe, but there are steps you can take to minimize threats.
Ganesh Krishnan, who runs security at the popular job site and social network LinkedIn, shared some of the lessons he's learned over a 20-year career in security, including stints at Intel and Yahoo. His "tech talk" was part of a meet-up here this week at online payments firm WePay.
The first point he emphasized is that security teams are by definition outnumbered. "There are a lot more hackers than security people. Security has to be everyone's responsibility," he said.
This maxim extends to both technical and non-technical employees, as both are needed to help defend against a growing range of threats including so-called phishing attacks. Phishers use social engineering, email and social media to gain access to corporate networks. For example, a phisher might contact a relatively low-level employee under false pretense (e.g., pretending to be an authorized outside contractor), guess the employee's password and get into the network.
[...]
-- Evident.io - Continuous Cloud Security for AWS. Identify and mitigate risks in 5 minutes or less. Sign up for a free trial @ https://evident.io/
Current thread:
- Why Effective Computer Security Means Covering All Your Bases InfoSec News (Jan 16)