Make Educating End Users about Policies and Threats Part of Your Defense

P. Musich
P. Musich

Summary Bullets:

  • Educate end users on the reasons behind corporate security policies and the nature of social engineering to help reduce risky behavior.
  • Ensure end users understand corporate policies around the use of personal smartphones and tablets for accessing corporate resources.

With this year’s huge rise in the awareness of advanced persistent threats (APTs), now would be a good time to focus on educating employees not only about corporate policies and government mandates, but also about the growing risk that these APTs pose to the organization.  By educating end users about the reasons behind the policies, as well as the nature of such attacks, security professionals can get better buy-in from those end users, increasing the likelihood of changing risky end user behavior.  Given the focus of these APTs on gaining entry through more sophisticated spear phishing attempts, encouraging a heightened vigilance among end users could be an additional tool in the security practitioner’s toolbox.  With attackers’ proclivity for identifying users within the organization which have the credentials to access systems with sensitive data, and then sending e-mails that appear to be legitimate and contain links to sites with malicious code or attached documents infected with malware, end users become the weak link in the chain of trust.  In addition, the combination of the growing BYOD phenomenon and the upcoming Christmas shopping season makes this an ideal time to remind end users of the dangers of careless Internet usage as well as corporate policies regarding smartphones and tablets.

Continue reading “Make Educating End Users about Policies and Threats Part of Your Defense”

Context is King

A. Braunberg
A. Braunberg

Summary Bullets:

  • Security is a data management problem and context is metadata
  • Context drives better policy management and better policies drive better risk management

Context is a word you hear an awful lot these days when talking to security vendors. Everything it seems needs to be put into context, and by that security vendors typically mean that knowing the who, what, when, where and why of network traffic is very useful in determining the “legitimacy” of that traffic. It’s kind of like when firewalls became stateful, the realization that it’s better not to look at each packet in a complete vacuum. Context is the back story, if you will, of each packet traversing a network. Viewed from a data perspective, context is metadata.

Continue reading “Context is King”