Firewalls, Obfuscation, Network Isolation, System Hardening, Jump Boxes, Separate Administrative/Daily User Accounts, Privileged Access Workstations, Physical Controls, Man-traps, Security Cards, Passwords, Key Fobs, One-time Passwords, Phishing Detection, Spam Filters, Anti-virus, Anti-malware, Anti-rootkit, Defense in Depth, Honeypots, Honeynets, Encryption…AND THE LIST GOES ON.
How about this (in person): Hi, I’m James with IT. Did you get the memo earlier? Oh, don’t worry about if you didn’t. I just have to do a quick update to your system. I know you’ve heard about these attacks, ransomware. Don’t want the next one to happen to YOU do you? So yeah, it’ll just be about 5 minutes. I see your coffee is about empty. As soon as you get back, I’ll be done. Oh, don’t worry about locking it. I’ll get that for you. Thanks.
He sounded nice. The IT department has new guys all the time. Who knew? How was Janet to know that she couldn’t trust James. He looked good. He sounded good. He even smelled good. Janet wasn’t trained. Janet didn’t lock her workstation herself. Janet could have been John, Michael, Denise, Kenneth. She could’ve been you.
It’s not as far-fetched as it may sound. It’s just as easy for someone to specifically target you and phish your credentials from you in email. Technical security controls play their parts.
Cyber awareness + human behavior are parts of the big picture.
We can fix this by starting from the beginning. Just as we learn to talk before we learn to read, we need to know a little about what we’re all up against in the cyber landscape before we can defend ourselves. If we all don’t take it seriously, someone close to us may end up losing what they worked their entire lives to obtain in a matter of minutes.
There are capable people out there looking to help their communities and get the word out. Capable people looking to help their local companies protect their information and maintain privacy.
The shortage is NOT as large as we’re made to believe. If they open their eyes, they’ll see it’s been right there all along.
Be a capable person and join me to help people practice safe security in Charlotte.
Last week I had the pleasure to meet 8 new people who understand the importance more now than before: Sven, Ethan, John, Nick, Taleak, Mackenzie, Marissa, and Aaron.