Firstly lets dispel some myths around the "Hacker" gone are the days of dark rooms and dingy basements portrayed in popular films. Hackers are from every walk of life and every level of business and to that end all have different motivations behind doing what they do. Unfortunately for us , they come with a toolkit that can potentially cause you and your company large problems in the short and long term.
Alas its not all doom and gloom , these hacks are of varying scale and now we have the "Ethical Hacker" on our side!
In short these individuals are hired by companies to try and take down their systems and show the weakness within. This type of testing allows companies to see areas where they are vulnerable but interestingly this is not just in the digital domain. Companies are understanding that "Social Engineering" and "Pretexting" can have a significant impact on how hackers access their systems.
More and more we are seeing that IT infrastructures are at risk through their people rather than by direct technology exploits. We are seeing the same effect in the theft are cars. As the anti theft systems become more and more effective, thieves now resort to breaking into a house to steal the keys.
What is the impact of this on a culture of compliance? The most important point is that we should not just focus on policies and procedures! We need to ensure that all staff understand their obligations and how they can be (unwittingly) part of an exploit. To minimise the risk of social engineering exploits happening, there are some simple steps you can follow to reduce the risk of this happening to you or your company.
Firstly : Be careful what you share on social media! Ideally keep your social media private to your friends as the less exposed you are, the less vulnerable you are! Always think about what you share and how it could be used. For example, just as you would not advertise on Facebook that your house is empty and vulnerable to burglars, you should not use anything you have shared in any password.
Secondly : Always be careful with data you have, especially if it includes personal data. Think about your firm's data protection protocols, such as how and when to encrypt data, as this can significantly reduce access to information that could be used against you and others!
We hope this helps give a little insight into "Hacking".
Want to know any more please get in touch and start a conversation with us.
Have a great day from all of us at E3CT.