+
EDITOR’S QUESTION
///////////////////
MAYLEEN BYWATER, SENIOR
PRODUCT MANAGER, CLOUD
SECURITY SOLUTIONS, VOX
C
ybersecurity as a landscape and as a priority is changing
constantly from little focus to being in the limelight and
being rated as a key strategy for most CIOs. The various
attacks on several larger institutions confirms that we need to be
vigilant on how we treat data and information.
Some principles remain the same as you look at the general
trend of penetration into networks; statistically the norm seems
to be that 90% of email attacks originate from an email as the
entry point as revealed by Verizon’s data breach research.
The main intention is not only to infect the network, but also
to lure unsuspecting people into divulging information of a
personal and business nature.
These details are harvested with perpetrators using social
engineering to write phishing emails that would fool many, as
the content is normally well written and seems legitimate. The
end user or Human Firewall is targeted as there is no algorithm
to ensure that specific mails are not opened.
We have looked at these and discovered various tools that
businesses should be looking at employing; to train and educate
their staff. These phishing tools provide a great platform to
simulate, educate and create a culture of security conscious
individuals within the business.
However, these tools are only as effective as the policies
that need to be drawn up, communicated and shared with
the business.
These training sessions need to be complemented by having
a security strategy that caters for the entry points into the
business, which while phishing, may not target, but need to be
in place to be proactive and help with prevention. A business still
needs to have network, email and endpoint security, and backup
and reporting in place to ensure that it can deter most attacks
without being impacted.
There are great benefits in having an ISP that also caters to
help all the various components as the current skill shortages
highlights the need within businesses to understand what needs
to be addressed and what is a priority.
Having these key pillars for security in place will assist the
business to focus on the aspects of growing their footprint and
knowing that their business is being pro-actively protected. n
www.intelligentcio.com
“
THE MAIN INTENTION IS
NOT ONLY TO INFECT THE
NETWORK, BUT ALSO
TO LURE UNSUSPECTING
PEOPLE INTO DIVULGING
INFORMATION OF
A PERSONAL AND
BUSINESS NATURE.
INTELLIGENTCIO
31