It even required its employees to undergo regular security training. The company had IT controls such as network firewalls, vendor management and secured server rooms, as well as facilities controls that included badge access and monitoring, security guards, cameras, and guest escort requirements. Why Training Alone Does Not Prevent Effective Social EngineeringĪn East Coast-based healthcare organization had myriad security controls in place when a two-person crew compromised its physical facility and network. LEARN MORE: Help employees defend against social engineering attacks.
These processes and policies should come from the top down and, while they should start with training, Saylor shared a case study in his presentation that proved training alone isn’t enough. Not only do teams need to communicate with the IT department, they need processes in place for companywide communication to ensure companywide security.
“We only call IT when things are broken and rarely look at them as forward-thinking,” Saylor said.
#Buy automatic fish feeder Patch#
If the IT department doesn’t know about a new technology, they can’t manage and maintain it, patch it or configure it. I should go talk to the IT guys.’”Īll of these IoT technologies are collecting data, and many of them invite vulnerabilities into a business’s network. In talking specifically about the Internet of Things devices a company might use, whether for its HVAC system or automatic fish feeder, Saylor said, “Very rarely does the person who bought that to plug it in and make their job better think, ‘What risks did I just introduce? I just put that on our network. In his session, titled “ Cybersecurity is Not Just an IT Problem,” Saylor stressed that the IT department should be kept in the loop about new technologies. Communicate Tech Changes with the IT DepartmentĬEO Mike Saylor of Blackswan Cybersecurity shared clips Monday from the British sitcom The IT Crowd to highlight society’s view of IT professionals and the importance of communicating with that team.
0 kommentar(er)
