Social Engineering Defenses: Reducing The Human Element – Dark Reading
Most security awareness advice is terrible, just plain bad, and not remotely feasible for your average user.
Source: www.darkreading.com
We can never put the blame on the user for a breach. It would be like blaming a driver for faulty brakes on his car.
Training is essential; we need to develop a common understanding about insecurities in surfing and email for instance. It’s like teaching your kids to lock the door when leaving home.
But the rest is our job! We, the security professionals, it’s our job to make security simple enough to be used. Users are under pressure to fulfill their job description and perform the tasks they have been employed to do. If security is in their way, they will find workarounds so that they can fulfill their tasks and still be home for dinner. It must be easier to do right than to do wrong, and the only ones that can make it easy are we that know security and tech. If our tools are not good enough, change tools and put some pressure on the suppliers (spoiler, I am a supplier).
See on Scoop.it – Secure communication
The post Social Engineering Defenses: Reducing The Human Element – Dark Reading appeared first on Apptimate.
Source: Apptimate
Social Engineering Defenses: Reducing The Human Element – Dark Reading