December 14, 2015
Joe Franscella

5 Ways to Guard Against Personnel Exploits

<p>One of the best ways to protect your employees from cyber attacks and personnel exploits is to arm them with the tools they need to defend themselves and your company. This means, going beyond password protection and educating them on some of the less-than-obvious ways that hackers can slip through the cracks.</p><ol><li>Set a Social Engineering Shield: <a href=""><strong>Social Engineering </strong></a>(SE) is the latest in cybersecurity attacks. It is essentially a strategy that uses manipulation to get information. And, contrary to its name, it is not specifically social media focused. Social media is just one way that hackers and attackers use manipulation and persuasion to get the information they need to wreak havoc on security. SE relies on human fallibility, exploiting our gullibility and taking advantage of the small amount of info we need to verify someone’s identify. This leads directly to…<br />  </li><li>Keeping Your Guard Up: Most people are generally friendly, particularly in a professional setting. And while you don’t want hostile employees, you also don’t want vulnerable employees. History shows that employees are much more likely to give out sensitive information when communicating with someone familiar. This means hacker and cyber attackers pretend to know someone you know or to be someone you have met you at a conference (a prime example of SE). And while this can be harmless chatter, it can also be away that hackers are able to squeeze employees for sensitive information. Remind employees to be savvy and use their best judgment in all situations, especially if something just doesn’t seem right.<br />  </li><li>Overall Protection: Impenetrable security extends beyond the PC. Security pros must be ever-vigilant against attacks and this extends to mobile devices and security badges. You know those plastic badges that get your employees in the door? Well, they are also a great way for others to get in the door! Be sure that staff members guard these security badges (and their devices) as they would a credit card. While it may seem simplistic, that little piece of plastic holds the keys to your security.<br />  </li><li>Social Sabotage: Everyone loves social media...especially the bad guys. Be sure that your company has strict and thorough social media protocols in place. This is often an overlooked area that requires rules. And, going a step further and blocking social media pages at work, when applicable, is also recommended. Yes, your marketing department might need access to Twitter at work, but it is highly unlikely that employees need to check Facebook from their desks.<br />  </li><li>Turn to the Dark Side: What is the best way to beat your enemy? <strong><a href="{page_245}">Know your enemy</a></strong>. Think like a hacker. Hire a consultant with hacking experience. Step outside your comfort zone. Implement a hacking “test run” and learn which overlooked areas are exploitable. This will help you recognize vulnerabilities that may not seem obvious at first and raise employees’ awareness of why strict security measures are in place to protect them for cyber attacks.</li></ol><p>Read more about how to implement these and other cybersecurity measures, such as <a href=""><strong>threat intelligence</strong></a>.</p>

Get the Latest Anomali Updates and Cybersecurity News – Straight To Your Inbox

Become a subscriber to the Anomali Newsletter
Receive a monthly summary of our latest threat intelligence content, research, news, events, and more.