Access your Pro+ Content below.
Opinion: Firms can’t or won’t address social networking security risks
This article is part of the IT in Europe issue of December 2011
Despite all the progress organisations may make in security, users remain the weakest link, and there’s no patch for stupidity, dishonesty or vindictiveness. A recent survey report, The Risk of Social Engineering on Information Security (.pdf), painted a worrying picture of global office workers, who are apparently more than happy to hand over sensitive information to people who send them emails or who befriend them on social networking sites. The survey, commissioned by Check Point Software Technologies, found 42% of UK enterprises (the global figure was 48%), have experienced more than 25 social engineering attacks in the last two years. More than a third of the UK respondents who admitted to being victims said the average cost per incident was more than £15,000. It turns out new employees and contractors are the most vulnerable to the attacks, which can include phishing emails and approaches via social networking sites. Once the attackers gain information about employees, they can then mount targeted spear phishing attacks to...
Access this PRO+ Content for Free!
Features in this issue
As the relative security of passwords falters, are they destined for obscurity?
A pen tester explains the importance of creating a secure password
News in this issue
Traditional antimalware can't keep up with the threat landscape. Are antivirus signatures destined for the rubbish bin?
Columns in this issue
It's a common refrain: Even companies that are aware of social networking security risks don't do anything about them.