RSA, Social Engineering, and CISOs – Things to Consider When Creating IT Security for Your
With the recent hacks on the South Carolina taxpayer system that have put more than 3.6 million Social Security numbers at risk, and the creation of advanced computer worms like Stuxnet in 2010, the threat of cyber-attacks shows no sign of slowing down. Despite this, many businesses have neglected the need for increased security on their corporate networks.
Simple social engineering is an example of how easily a hacker can bypass a lackluster security system. In 2011, the network security company RSA had its famed SecurID tokens stolen after attackers tricked RSA employees into downloading an infected Excel spreadsheet sent by email. The attackers then used the tokens to hack military contractors such as Lockheed Martin.
Two issues can be taken away from the attack. The first is that RSA’s security model allowed for online access to such critical data. If a company does opt to keep sensitive information online, constant monitoring is key. Hackers scan servers to find vulnerabilities, so it is only logical that the IT department do the same.
The second is that the employees themselves were not trained well enough to deal with a situation such as the one that occurred. If there are not enough people equipped for that task, hiring a firm is the next precaution to take. More importantly, companies should consider adding a chief information security officer (CISO) to their team. The CISO’s sole purpose is to manage IT security for the company, and like any other department, leadership is always needed.
With no strategy, training, or resources for defending against hackers, a company is fated to be attacked, possibly at a devastating level in terms of customer satisfaction or revenue. Learn from companies like RSA, or with the help of a professional IT service, so that your business does not become another cautionary tale.
Jesus Garay is a freelance writer with an interest in technology and its applications in the corporate world. Currently his concentration is on network engineering in the Philadelphia area.