The COVID-19 pandemic has provided everyone a fresh lesson that security truly is everyone's job.
As governments began issuing stay-at-home orders and people adapted to working remotely, suddenly, Zoom was on everyone's lips. The platform became a staple of both working from home and keeping in touch with friends and family. Predictably, researchers started discovering security and privacy vulnerabilities, and soon "Zoombombing" entered the conversation. While Zoom worked to secure the product, its users — many neophytes to video calls — had to figure out how to configure their Zoom instances to prevent hackers from hijacking calls.
Traditionally, the concept that "security is everyone's job" has been an essential part of education and awareness campaigns against phishing and other email-related attacks. And rightfully so, as these attacks are often the first step for attackers working their way to their ultimate target. But the Zoom example shows that awareness and diligence are important at every level. Further, in many organizations, collaboration tools such as Slack are replacing email as the preferred method to share content and data. In organizations that impose size limits on email attachments, for example, employees can freely pass around files 10 times that size in Slack sessions.
A former CISO of a prominent intelligence agency once told me, "The most dangerous cybersecurity vulnerability is the carbon-based life-form." Attackers rarely employ a frontal assault on technology to penetrate protected networks. People provide a considerably simpler and often faster path by which to initiate an attack. To attackers, technologies change and organizations adapt to new security vulnerabilities, but humans represent a consistent vulnerability they can exploit.
Thankfully, measures are being taken to safe ..
Support the originator by clicking the read the rest link below.
