By
William G. Perry, Ph.D.
Submitted On August 05, 2014
The cyber criminals are winning. Individuals and organizations
are losing the computer security battle. The annual dollar amount being
stolen by cyber criminals now exceeds the total amount of money brought
in globally by illegal trade. This fact is stunning! What can be done?
Individuals and organizations must take pre-emptive action. This can only be done, in the author's opinion, when a security mind-set is developed by users and an organization implements a culture of information security.
The changes brought to us by electronic devices are phenomenal. Computers, tablets and smart phones have changed the way we do business and live. The invention and use of modern day digital implements have had far reaching consequences that are in the same earth-shattering league as the discovery of fire and its implication. We still have to exercise care to safely harness and use fire. Otherwise significant property losses and even lives can be lost.
A business must systematically protect the confidentiality, integrity and availability of its information assets. This can only be done when securing digital assets become a "business process". If your company is operating without a formal information security plan it is vulnerable. The only thing in doubt is how much you have already lost.
The same is true if we consider a single individual. You can determine your level of risk by considering the answer to just a few questions: Do you terminate a persistent Internet connection when you have finished surfing? Do you have a password that consists of more than eleven characters of which one letter is capitalized, one character is a numeral and another is a special symbol? Do you "lock" your keyboard when you leave your workstation? Do you systematically update software patches?
You are vulnerable unless you answered "yes" to each of the previous questions. Your systems may already be infected by malware. How can you be sure? One way is to obtain basic security software, learn how to use it and routinely follow security best practices. Avoid deviating from your routine and be suspicious of anything that is out-of-the-ordinary.
One person recently received a superior-looking email notification which appeared to be from the social media giant, Twitter™. The computer screen even had Twitter's logo and included the user's Twitter™ name. The communication informed the user that there was an attempt to access the user's account from a "different location" and the user was advised to change the account password.
The "form" on the user's screen contained space in which the user was asked to enter the "Old Password" and the "New Password". The ruse was very official in appearance and excellent. It failed for one basic reason, the legitimate user hadn't used the account for months. The target (the computer user) was suspicious and able to perform a "mouse over" (hovering above the link) to read the web address. The user saw a re-direct in the web address which would have sent the individual to a malicious software site.
Cyber criminals are very smart and very good. The number of attacks is increasing and their level of sophistication is increasing. One can't be too careful when it comes to protecting information assets. Clearly our digital information is at risk and we all must become more diligent in protecting it.
Individuals and organizations must take pre-emptive action. This can only be done, in the author's opinion, when a security mind-set is developed by users and an organization implements a culture of information security.
The changes brought to us by electronic devices are phenomenal. Computers, tablets and smart phones have changed the way we do business and live. The invention and use of modern day digital implements have had far reaching consequences that are in the same earth-shattering league as the discovery of fire and its implication. We still have to exercise care to safely harness and use fire. Otherwise significant property losses and even lives can be lost.
A business must systematically protect the confidentiality, integrity and availability of its information assets. This can only be done when securing digital assets become a "business process". If your company is operating without a formal information security plan it is vulnerable. The only thing in doubt is how much you have already lost.
The same is true if we consider a single individual. You can determine your level of risk by considering the answer to just a few questions: Do you terminate a persistent Internet connection when you have finished surfing? Do you have a password that consists of more than eleven characters of which one letter is capitalized, one character is a numeral and another is a special symbol? Do you "lock" your keyboard when you leave your workstation? Do you systematically update software patches?
You are vulnerable unless you answered "yes" to each of the previous questions. Your systems may already be infected by malware. How can you be sure? One way is to obtain basic security software, learn how to use it and routinely follow security best practices. Avoid deviating from your routine and be suspicious of anything that is out-of-the-ordinary.
One person recently received a superior-looking email notification which appeared to be from the social media giant, Twitter™. The computer screen even had Twitter's logo and included the user's Twitter™ name. The communication informed the user that there was an attempt to access the user's account from a "different location" and the user was advised to change the account password.
The "form" on the user's screen contained space in which the user was asked to enter the "Old Password" and the "New Password". The ruse was very official in appearance and excellent. It failed for one basic reason, the legitimate user hadn't used the account for months. The target (the computer user) was suspicious and able to perform a "mouse over" (hovering above the link) to read the web address. The user saw a re-direct in the web address which would have sent the individual to a malicious software site.
Cyber criminals are very smart and very good. The number of attacks is increasing and their level of sophistication is increasing. One can't be too careful when it comes to protecting information assets. Clearly our digital information is at risk and we all must become more diligent in protecting it.
Download our FREE ebook, "How to Secure Your Computer". Just access the web site (no registration) at http://www.williamgperry.com and click on the "FREE eBook" link.
Alliant Digital Services, founded by Dr. William Perry, publishes the Computer Security Glossary.
Dr. Perry is an information security specialist with significant experience as a university professor, author and service provider to various federal agencies including the Office of the Director of National Intelligence, the Department of Defense and the Federal Bureau of Investigation.
Article Source:
http://EzineArticles.com/?expert=William_G._Perry,_Ph.D.
Alliant Digital Services, founded by Dr. William Perry, publishes the Computer Security Glossary.
Dr. Perry is an information security specialist with significant experience as a university professor, author and service provider to various federal agencies including the Office of the Director of National Intelligence, the Department of Defense and the Federal Bureau of Investigation.
No comments:
Post a Comment