Lessons Learned continue to identify new and changing threats, but are organizational managers helping their organization’s personnel keep up with ongoing awareness or are they falling farther and farther behind?
For example, a recent article highlighted an attack that hit Twitter and may be one of the first times hackers have used the micro-blogging site for profit.
So why do hackers love social networking? Because unaware users (Boards, management, employees, vendors, contractors, consultants, business partners, etc.) will click on interesting links to things like “Best Video” or “Funniest Video” and unknowingly end up on a Russian domain that serves up malware or other exploits that can endanger your data or place “scareware” on their PC.
You mean your organization has not informed you about “scareware” yet? Scareware can be many things but in this case it was fake security software that, once installed, nags users with so many alerts that some users will fork over $50 or more to get rid of the bogus alerts.
As more and more users sign up for Twitter and because one of the main functions of Twitter is to share links with other people, organizational managers should be taking proactive actions to:
- Ensure all types of users are aware of risks and threats
- Help users know how to report potential attacks
- Help users know how to prevent attacks
- Help users know how to respond to an attack
- Help users know how to recover from an attack
- Help users know how to keep up with more sophisticated and changing threats that social networking can present
- Provide other organization-specific awareness and guidelines
Lessons Learned are only valuable if they are implemented at the individual level, within your organization, and across third parties too. How is your organization keeping up?