Over the past few months there seem to be a lot of security
breaches that stems from phishing attempts.
Business and organizations have been requiring that all employees take
some form of security training on an annually basics. The training usually warns
users of virus, phishing attempts and other information security aspects. I’m just curious as to why users are still
falling prey to phishing attempts especially those who are associated with the
government or military. About a month
ago the white house suffered a breach on their unclassified network via a
phishing e-mail. As government employees
you are constantly warned about phishing e-mails and yet there is a breach via outsider
gathering information from a phishing e-mail.
Is there something wrong with the training? Does it need to be revamped?
Or is it that users are just not thinking?
This is another example of an “insider threat”. The article can be found at: http://www.businessinsider.com/white-house-confirms-security-breach-by-chinese-hackers-2012-10#ixzz2A5hQ1lJA
No comments:
Post a Comment