Cyber Security and the People factor

Introduction

For a Cyber attack to be successful, three things must convergence to create the opportunity. There must be a vulnerability in the system. An attack vector or access path to the vulnerability. Finally , a payload must exist, that is an action that follows the exploitation of a vulnerability (Rose Tang) . The payload could be a malware or other activities initiated by the adversary when access has been compromised. The payload could alter , degrade or destroy computer systems and its supporting networks or other connected databases

Without , going through a list of recent attacks, one thing is common to most successful breaches, and that is human  actions deliberate or otherwise. The human factor continues to be focused on by hackers because you can bypass the strongest security controls if you can exploit the human weakness. Hackers are increasingly using advanced psychological techniques to gathering information prior to an attack. Known as social engineering , gaining confidence of people to access systems has grown with the implementation of more advanced technical controls that require great effort to defeat. Hackers may no longer need to spend resources trying to defeat these controls when they could gain credentials from people with access to the system. Credentials harvested through social engineering are then used to gain access and possibly increase privileges.

Security professionals must not only understand known vulnerabilities, they must also anticipate unknowns.. The weakest link in security are people , they are also the most important to safeguard in an event of a disruptive event. It makes sense to critically look at how the human vulnerabilities can be mitigated .

Changing the focus

Since no system is 100% secure , security managers should prepare extensively to contain a breach. There is more bang to the buck when you spend on defence, remediation and people. Since this article is more focused on people , the following countermeasure points are considered.

Awareness-The main countermeasures to Social Engineering attacks is awareness, personnel should be aware of such schemes and should never divulge access credentials on phone , via email or clicking on an unknown link.

Training– Targeted training to sensitise groups about such schemes will reduce the risk of a potential breach using such tactics

Education– Staff should be encouraged to learn more about the importance of information security and how it is intertwined with the overall continuity of the business or organisations.

Monitoring - Continuous monitoring of user activities to detect anomalies is also recommended .

Privilege Access Management- There is a need to tightly monitor and control administrative or privilege users.

There are many companies out there are offering education and training in information security awareness . For example Y-Digital Technologies a UK based boutique Cyber Security and training consultancy provides first class training and education in this area.

Companies must act to mitigate social engineering attack threats without delay

Thanks

Yemi Oluleye , MBA IT, MILM, ACIB , Certified TOGAF Architect. CISSP

Director at Y-Digital Technologies Ltd

Security Consulting, Research & Training