Post on 18-Jul-2015
transcript
#1: pathetic Passwords
#6: HOOKING UP WITH ANOTHER MAN’S WI-FI
#7: A LITTLE TOO SOCIAL
#5: RECKLESS ABANDON
OF MALWARE IS KEY LOGGER OR APPLICATION-SPECIFIC – WHICH OFTEN REQUIRES DETAILED
KNOWLEDGE OF OR PHYSICAL ACCESS TO A TARGETED SYSTEM
26.4%
#2: Peeping ROMWORKERS SURVEYED THAT SAY THEY HAVE BEEN ABLE TO SNEAK A PEEK AT A CO-WORKER’S OR STRANGER’S WORK STATION IN THE WORKPLACE OR A PUBLIC PLACE 71%
ONE IN THREE WORKERS LEAVE THEIR COMPUTERS LOGGED ON TO NETWORK RESOURCES AND UNLOCKED WHEN THEY ARE AWAY FROM THEIR DESK
USERS TRAINED IN AVOIDING PHISHING AND SCAM EMAILS FELL FOR THESE MALICIOUS EMAILS 42% LESS THAN THOSE WITHOUT TRAINING
#4: PHISH BITING
OF IT SECURITY PROS SAY THEY COME ACROSS PHISHING MESSAGES THAT GET PAST SPAM FILTERS
OF IT ORGANIZATIONS HAVE TOP EXECUTIVES OR PRIVILEGED USERS WHO HAVE FALLEN FOR MALICIOUS EMAIL ATTACKS
69%
27%
OF YOUNG WORKERS THINK CORPORATE SOCIAL MEDIA POLICIES ARE OUTDATED
OF ENTERPRISES HAVE SEEN AN INCREASE OF MALWARE INFECTIONS DUE TO EMPLOYEES’ USE OF SOCIAL MEDIA
10+25+68+90BY 2015, THE NUMBER OF WIFI HOTSPOT DEPLOYMENTS WILLINCREASE BY 350%
ONLY 18 PERCENT OF USERS USE A VPN TOOL WHEN
ACCESSING PUBLIC WI-FI
18%
THE FBI RECENTLY RELEASED AN ALERT TO TRAVELERS WARNING AGAINST AN UPTICK IN MALWARE PASSED OFF AS SOFTWARE UPDATES ON HOTEL INTERNET CONNECTIONS
67%
REGULARLY IGNORE IT POLICIES70%
52%
#3: USB STICK UP
OF USERS REPORT HAVING EXPERIENCED A VIRUS INFECTION THROUGH A USB DEVICE
OF USERS WHO FIND RANDOM USB STICKS IN A PARKING LOT WILL PLUG THEM INTO THEIR COMPUTERS
ADD THECOMPANYLOGO, AND THATNUMBER INCREASES TO
60%
35%
90%
UneducatedEmployees
7 deadly sinsAND THEIR
TODAY'S ORGANIZATIONS EXPERIENCE AN AVERAGE OF
14.4 INCIDENTS/YEAROF UNINTENTIONAL DATA LOSS
THROUGH EMPLOYEE NEGLIGENCE
THE TOP CAUSE OF ORGANIZATIONAL DATA BREACHES:
"NEGLIGENT INSIDERS"
EMPLOYEES THAT SAY THEY WERE EDUCATED ON SECURITY POLICIES
BUSINESSES BREACHED THAT DID NOT HAVE SECURITY POLICIES IN PLACE THAT INCLUDED SECURITY AWARENESS EDUCATION
PUBLICLY REPORTED INSIDER BREACHES THAT ARE EXECUTED WITH MALICIOUS INTENT
IT PROFESSIONALS THAT REPORT SECURITY POLICIES ARE COMMUNICATED
TO NEW HIRES DURING ORIENTATION87%
32% 15%
56%
THE MOST COMMON CORPORATE PASSWORD IS Password1 BECAUSE IT JUST BARELY MEETS THE
MINIMUM COMPLEXITY REQUIREMENTS OF
ACTIVE DIRECTORY FOR LENGTH, CAPITALIZATION AND NUMERICAL FIGURES
IN APPROXIMATELY 15% OF PHYSICAL SECURITY TESTS
PERFORMED AT CLIENT SITES IN 2011, WRITTEN
PASSWORDS WERE FOUND ON AND AROUND USER
WORKSTATIONS
15%
OF USERS DO NOT
PASSWORD PROTECT
THEIR SMARTPHONES
OF PEOPLE WHO FIND LOST CELL PHONES
RUMMAGE THROUGH THE
DIGITAL CONTENTS TO LOOK AT SENSITIVE INFORMATION
89%70%
SOURCES:www.darkreading.com/identity-and-access-management/167901114/security/application-security/240005123/study-phishing-messages-elude-filters-frequently-hit-untrained-users.htmlhttp://ecs.arrow.com/suppliers/documents/IDCWhitePaper-InsiderRiskManagement.pdf; www.cisco.com/en/US/solutions/collateral/ns170/ns896/ns895/white_paper_c11-503131.htmlwww.cisco.com/en/US/solutions/collateral/ns170/ns896/ns895/white_paper_c11-499060.html; www.kaspersky.com/downloads/pdf/kaspersky-lab_ok-consumer-survey-report_eng_final.pdfwww.wi-fi.org/media/press-releases/wi-fi%C2%AE-security-barometer-reveals-large-gap-between-what-users-know-and-what; http://net-security.org/secworld.php?id=12634http://digitallife.today.msnbc.msn.com/_news/2012/03/08/10595092-exclusive-the-lost-cell-phone-project-and-the-dark-things-it-says-about-us#.T1jKmQSi0sM.emailwww.bloomberg.com/news/2011-06-27/human-errors-fuel-hacking-as-test-shows-nothing-prevents-idiocy.html; www.corpmagazine.com/technology/digital/itemid/9828/pageid/2/how-to-mitigate-insider-threats;www.bbb.org/blog/2011/08/70-percent-dont-password-protect-their-phones/; www.wballiance.com/resource-center/wba-industry-report/; www.chariotsfire.com/thesis/Chapter6.pdfwww.trustwave.com/global-security-report www.trustwave.com