Training: Employees pose an enormous risk to system security. While some attacks are intentional, more damage occurs by mistake. The potential to download a malicious program is enormous--even when employees, vendors, or clients are trained. Personnel who use, access, or employ, your systems should receive prevention and detection training. Because malicious programming and hacking methods evolve rapidly, ensure that developments in cybersecurity are frequently discussed within your organization.
The U.S. Computer Emergency Readiness Team (US CERT) provides protocols, tools, and training for businesses to initiate system assessment and readiness. Steps identified by CERT toward readiness include:
US CERT also provides access to National Cyber Awareness products including current activity and alerts.
The breach at the OPM resulted in the theft of millions of sensitive HR files. As security experts work to identify the extent of the damage, OPM managers struggle to explain why sensitive data was not encrypted.
Data breach incidents in the United States, and across the globe, are on the rise. Hackers of yesteryear were individuals aiming at revenge or damage. Today, sophisticated hackers routinely test for IT vulnerabilities in companies of all sizes each day.
Could it happen to you? The long answer is yes.