Ever wonder why social engineering attacks are on the rise?
In talking to clients and other security professionals, it seems like phishing attacks are growing exponentially while training for such scenarios is not (in most cases).
In the article by Bryan Yurcan, The Biggest Cyberthreat to Your Bank Might Be Sitting Next to You, he offers that the increased social engineering activity that banks are seeing is most likely due to the high volume breaches that have occurred in recent months.
So, breaches breed more breaches… How do we stop that snowball?
Here are several ideas:
- Security Awareness Training – it can’t be a one-and-done approach any longer. It needs to be ongoing; quarterly, maybe monthly.
- Employees need to understand that information posted to facebook, twitter, or any other public place can and will be used against the bank by cyber-criminals.
- Information security needs to start at the executive level, or better yet: the board level. I like to say “Information security starts at the top” and that applicable here as well.
If you want to read the full article, the link is below, but before then, I’d like to share a quote from the article that should be used in every security awareness training:
“Every time you open your email, every time there is a request — every interaction is an opportunity for you to be susceptible.”
– Frank Sorrentino, the chairman and chief executive of ConnectOne Bancorp