In reply to the discussion: New fears over Chinese espionage grip Washington
24601 (3,959 posts)
adequate safeguards built in. Are there firewalls, does it require strong passwords, and if someone is coming in from an unknown IP, is there two-factor authentication? Does the email disable embedded URLs? Are patches and OS updates current, especially anti-virus signatures?
But the second thing is all about people making it a priority and reducing human error. Most of the time, those come from users as opposed to the IT staff.
As an outlier, the Clinton campaign hack included two human errors. The anomaly was that one of those mistakes was from IT. John Podesta received an email saying he needed to change his password. He asked IT if it was legitimate and the tech said it was. JP clicked on the link provided and changed his password. It was really a spearphishing email, and the link took him to a fake site where he thought he was changing his password. When he input his current password, the hackers had it, immediately logged into his real account and copied everything.
Human Error #1: IT misspoke - a mistake, not a lie, that it was legitimate. #2 was that JP just clicked on the included link rather than either putting it in manually or following the email application.
Other common user mistakes include uploading (or typing) information not authorized on the system (e.g. anything classified on an UNCLASSIFIED system, TOP SECRET on a SECRET system, US-only info on a coalition system). People plug in USB devices or load disks without first scanning them. Users open attachments from unknown senders. It's also a poor practice to send stuff to people that just don't need it. Are users trained to safeguard classified or sensitive unclassified information, and does the organization's culture reinforce following the rules?
Not everything is bad news. I'm kind of nerdy, and a year ago I was watching C-Span where the Commander of US Cyber Command was speaking to a cybersecurity conference. He said something like the most progress he had seen was that (finally) senior leaders wouldn't spend the first half of meetings arguing that cybersecurity was the IT guys' problem. A culture that accepts cybersecurity as somebody else's job invites failure.
That's some of the bigger stuff, but it doesn't come close to covering everything.
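The reply above asks whether the mail system disables embedded URLs and points out that the Podesta compromise hinged on clicking a link whose visible text did not match where it actually went. The following is an added example, not code from the poster or from any product mentioned in the thread: a small triage check that parses the HTML body of a message, compares each link's real host against a constructed allowlist (the assumption here is that `example.org` is the only domain the organization's own account system would send from), flags hosts that merely contain an allowed domain name, and flags anchors whose displayed URL differs from the actual target. The two sample messages are constructed for the example.

```python
"""Flag embedded links in an e-mail body that a user should not follow.

Added example (not the poster's code). Assumptions: the organization's
legitimate password-change links only ever come from ALLOWED_DOMAINS, and
the message bodies below are constructed samples, not real mail.
"""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed allowlist (assumption): hosts our own account system uses.
ALLOWED_DOMAINS = ("example.org",)


class _LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def link_host(url):
    """Lower-cased host part of a URL ('' if the URL has none)."""
    return (urlparse(url.strip()).hostname or "").lower()


def host_allowed(host, allowed=ALLOWED_DOMAINS):
    """True only for an allowed domain or one of its genuine subdomains."""
    return any(host == d or host.endswith("." + d) for d in allowed)


def check_links(html, allowed=ALLOWED_DOMAINS):
    """Return one finding per suspicious anchor: {'href', 'text', 'reasons'}."""
    parser = _LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        host = link_host(href)
        reasons = []
        if not host_allowed(host, allowed):
            reasons.append("link host not in allowlist")
            # An allowed name buried inside a longer, unrelated domain is the
            # usual look-alike trick; genuine subdomains were accepted above.
            if any(d in host for d in allowed):
                reasons.append("host imitates an allowed domain")
        # Visible text that shows a URL must point at the same host.
        shown = re.search(r"https?://\S+", text)
        if shown and link_host(shown.group(0)) != host:
            reasons.append("displayed URL differs from actual target")
        if reasons:
            findings.append({"href": href, "text": text, "reasons": reasons})
    return findings


def safe_to_follow(html, allowed=ALLOWED_DOMAINS):
    """True when no anchor in the message raised a finding."""
    return not check_links(html, allowed)


# Constructed sample messages: a look-alike "change your password" lure whose
# visible text shows the legitimate address, and a benign notice.
PHISH_BODY = (
    "<p>Your password expires today. Change it at "
    '<a href="http://accounts.example.org.reset-login.test/change">'
    "https://accounts.example.org/change</a> now.</p>"
)
BENIGN_BODY = (
    '<p>Visit <a href="https://accounts.example.org/change">'
    "the account portal</a> to change your password.</p>"
)

if __name__ == "__main__":
    for label, body in (("lure", PHISH_BODY), ("benign", BENIGN_BODY)):
        print(label, check_links(body))
```

The check encodes the same advice the reply gives: a password-change link in mail is only worth following when its real target is one of your own systems, and the safest habit is still to type the known address rather than click. A mail gateway that strips or rewrites links for review is the organizational version of this check.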