Cyber security awareness is booming. It is important to revisit what cyber security is and how your systems can be compromised. Passwords can be stolen and some systems can be forced into by using techniques known as brute-force cracking, however the vast majority of security breaches come from social engineering.
Social engineering is the use of social techniques rather than technical techniques to gain access to a system. The most common example of this is called phishing, similar to a classic bait-and-switch. A phisher is someone who sends an email pretending to be someone they are not in attempt to persuade you to give over your credentials. The credentials most phishers are after are your username and password, but can also include any identifiable information depending on the complexity of the attack. Their goal is to access as much as possible on your system.
Unfortunately, it only takes one person in an organization to succumb to phishing for the scam to be successful. While firewalls, antivirus and antimalware programs are important, the most important line of defense any system has is you, the end user. Email filters cannot catch everything. Antiviruses update on a daily basis in order to protect against attacks, but phishers are always looking to be one step ahead. Always be cognizant of your browsing history, and remember to send any erroneous or suspicious emails to your IT department; it is better to be safe than sorry.
For more information about cyber security, or for any other information technology concerns, please contact Chad Graves or Jim Dougherty.