Don't miss our upcoming Network Computing virtual event on Connectivity Solutions - Secure Your Complementary Seat Now!
For all the complexity of security, the most common security dangers are downright mundane. They're not due to the arcane arts of the most skilled hackers or some cunning exploit; they're out there in plain sight.
"A successful attack depends on a combination of four things that don't have a lot to do with the attacker," says Forrester Research analyst Paul Stamp. "It's usually something like social engineering, a breakdown in process or the absence of process. It could have something to do with a simple technical vulnerability or insider abuse. But it's usually a combination of two or more of those four factors."
The thing that should send chills up the spine of anyone who manages a network open to the Internet -- which is to say, virtually all networks -- is the fact that all of these vulnerabilities can be easily caught and fixed. Because they're so common, obvious, or at least mundane, however, they are often the last place you'll look for danger.
Social Engineering: It's humbling to remember that superstar hacker Kevin Mitnick wasn't much of a code warrior. However, he was a first-rate social engineer who raised the "Hi, how are you, what's your password?" approach to network delinquency to the level of a black art.
With the constant warnings about protecting passwords and not opening unsolicited attachments, you'd think that network users would be wise to what is, after all, the oldest trick in the hacker's book. But they aren't. Stamp says, "You'd be surprised how often social engineering succeeds."
With the move to the cloud, CISOs must shift priorities from operating security programs to overseeing (monitoring and auditing) outsourced cybersecurity programs.
2022 was a boon year for IT salaries. 2023 came in like a beast with layoffs, raise freezes, and ChatGPT, but that beast has few teeth.
Age is only a number. Don't let a high number cancel your career.
