•  Make  sure  all  computers  on  a  network  can  detect  malicious  codes,  utilizing  antivirus
                       programs and host intrusion prevention systems.
                   •  Keep all operating systems updated and patched.
                   •  Keep logs of user activity on the network to watch who is accessing what types of files.
                   •  Monitor VPN access to the network to check if employees are logging in at odd times
                       such as early in the morning when they normally wouldn’t be working.
                   •  Provide  an  anonymous  way  for  employees  to  report  if  their  coworkers  begin  acting
                       suspiciously.

               A cautionary tale


               As  part  of  the  services  offered  by  my  company,  we  assess  an  organization’s  vulnerability  to
               social engineering. During one such assessment, our security analyst called the chief financial
               officer  of a  company  after spoofing  their  phone ID  so  it  appeared  to  be  an  internal  call from
               within the organization.

               With  just  a  little  prompting,  the  CFO  revealed  his  user  name  and  network  password  to  the
               security analyst. That kind of attack emphasizes the importance of user awareness training and
               the  need  for  both  regular  employees  and  management  to  take  ownership  of  information
               security.

               Organizations must put cybersecurity policies in place and ensure that all employees are aware
               of what those policies contain. In order for the policies to be effective, senior management must
               understand them and stand behind their enforcement. Through proper policies, education, and
               training, organizations can repair what has become the weakest link in information security —
               their own people.




               About the Author

               Jason Matlock is a security analyst for Sword &
               Shield Enterprise Security Inc. Headquartered in
               Knoxville,   Tennessee,    Sword     &   Shield
               specializes  in  security,  risk  and  compliance
               assessment,     managed     security   services,
               enterprise  security  consulting,  security  incident
               response and forensics, and technical solutions.
               It will host the EDGE2017 Security Conference,
               Oct. 17-18, 2017.









                    34   Cyber Defense eMagazine – September 2017 Edition
                         Copyright © Cyber Defense Magazine,  All rights reserved worldwide.