Many cyber attacks succeed because users are unaware and undisciplined.
Many organizations may rate the threat and vulnerabilities of cyber crimes as low, considering there are no known reported cyber attacks on the organization. It is very likely that an organization already has a risk assessment process in place, but in the face of cyber threats, it becomes extremely important to reconsider the nature of these attacks and revisit the risk assessment exercise.
Several organizations may have a false sense of security, confident that because they have security devices, tools, and techniques, they are already cyber secure.
Now is the time to reexamine whether these security devices can be bypassed by any means and to realistically assess the risk to the environment. Risk management teams need to keep abreast of how cyber crimes are commonly conducted and factor similar use cases into their risk assessment exercise.
Passwords, personal identification numbers (PINs), tokens and digital certificates are the most commonly used authentication mechanisms. While an organization may have an excellent password policy, it is important to evaluate whether the policy is implemented properly across the entire organization. The authentication management system should not accept any weak authentication credentials. System and network administrators need to be extra careful, as they are responsible for highly privileged accounts. Compromise of the authentication system itself and of highly privileged accounts are high-risk areas that need to be reconsidered.
Users with desktops, laptops, mobile handsets and personal digital assistants (PDAs) can be lucrative targets for cyber attacks. Typically, organizations deploy anything from basic antimalware to comprehensive endpoint protection measures. Antimalware solutions should be able to detect and protect against various kinds of threat agents such as viruses, worms, Trojans, spyware, adware, keyloggers and other variants of malware. Organizations should ensure that there is adequate protection at points of entry through internet and email access. Endpoint protection solutions should be capable of recognizing suspicious activity on end-user systems, such as unusual ports and traffic patterns, file alteration, attacks on system files and other activities that can be of interest to a cyber attacker.