Source |
CSO |
Identifiant |
8287760 |
Date de publication |
2022-12-05 02:00:00 (vue: 2022-12-05 10:05:55) |
Titre |
When blaming the user for a security breach is unfair – or just wrong |
Texte |
In his career in IT security leadership, Aaron de Montmorency has seen a lot - an employee phished on their first day by someone impersonating the CEO, an HR department head asked to change the company's direct deposit information by a bogus CFO, not to mention multichannel criminal engagement with threat actors attacking from social media to email to SMS text.In these cases, the users almost fell for it, but something didn't feel right. So, they manually verified by calling the executives who were being impersonated. De Montmorency, director of IT, security, and compliance with Tacoma, Washington-based Elevate Health, praises the instincts that stopped the attacks from causing financial or reputational damage. Yet, he contends that expecting users to be the frontline defense against rampant phishing, pharming, whaling, and other credential-based attacks increasingly taking place over out-of-band channels is a recipe for disaster.To read this article in full, please click here |
Envoyé |
Oui |
Condensat |
aaron actors against almost article asked attacking attacks band based being blaming bogus breach but calling career cases causing ceo cfo change channels click company compliance contends credential criminal damage day defense department deposit didn direct director disaster elevate email employee engagement executives expecting feel fell financial first from frontline full has head health here his impersonated impersonating increasingly information instincts just leadership lot manually media mention montmorency multichannel not other out over pharming phished phishing place please praises rampant read recipe reputational right security seen sms social someone something stopped tacoma taking text these threat unfair user users verified washington whaling when who wrong yet |
Tags |
Threat
Guideline
|
Stories |
|
Notes |
★★★
|
Move |
|