Human beings are born organisers. We love to categorise things. We mentally put things into nice, neat groups – because our brains are, for the most part, hard-wired for all kinds of pattern recognition. This was helpful back when we only had a few seconds to sort a new sensory input into two categories: “safe” or “not safe”.
You may have noticed in the last few years that most companies are in the midst of an ongoing crisis. Malware, spyware, ransomware, and all kinds of corporate breaches are constantly in the news. If you’ve never received an email from a corporation that has lost your personal information to hackers, just wait – it’ll happen.
How do these breaches keep happening? Don’t we have firewalls, Intrusion Detection Systems, Antivirus software, and data centres filled with shiny boxes with lots of blinking lights that are supposed to filter, block, and protect for us? What are those folks on the security team doing all day?
The answer to this question is simple: They’re clicking on attachments, they’re running unapproved software, they’re visiting unsafe websites, and generally giving the bad guys a foothold on our corporate networks. That’s because every employee is on the security team.
Unfortunately, those blinky-light appliances can only do so much, and – for the most part – the bad guys have figured out an easy way to get around them. Why should an attacker beat on a fortress wall when one of the nice castle-dwellers will willingly let them inside?
That’s where you come in.
Ask yourself as you see these behaviours, are they “safe” or “not safe”?
1- Does that email attachment REALLY make sense?
2- Is the software you’re about to install approved by IT?
3- Did you read the warning on the screen BEFORE you clicked “OK”?
4- Is there a business reason for visiting that website on a corporate computer?
5- Does it make sense that you’re being asked for your username and password?
6- Is the information you’re about to send through email potentially confidential?
Better still, help your fellow employees to be “safe” too:
1- Do you send out emails with attachments or links without telling the receiver that they’re coming?
2- Do you send personal emails from your corporate email address?
3- Do you routinely encourage others to circumvent policy?
4- Do you tell others when you receive a suspicious email?
5- Do you tell others when you see something suspicious happen with your computer? (Odd pop-ups, permission requests, mystery software running on your machine…)
Every employee is on the security team.
The bad guys work together as a team. We need to work as a team as well. You have the power to make your organisation more secure or less secure by your actions. This is a battle that can’t be won without everyone’s participation.
About the author
Tom Liston is a Principal Trainer and Consultant for DarkMatter. He has over a decade of experience breaking into Fortune 500 companies and assisting them with increasing their security. He is a Handler at the SANS Institute’s Internet Storm Centre and is the co-author (with Ed Skoudis) of the security book, Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses.