onShore Security

Because Security Gives Us Freedom.

  • Managed Security
    • Panoptic Cyberdefense
      • Panoptic Cyberdefense Overview
        • Cybersecurity in Banking
      • Managed Detection and Response
      • MDR + NDR
      • Security Orchestration
      • The Panoptic Approach
    • Cybersecurity Leadership
      • Cybersecurity Leadership
      • Continuous Vulnerability Management
      • Security Assessments
        • Security Assessments
        • Security Maturity Assessment
    • Managed Security Solutions
      • Managed Security Solutions
      • Panoptic Sensor
      • Managed Firewall
      • Managed EDR
  • Resources
    • Articles
      • Detection is your Superpower
      • Why We Win
    • Blog Posts
    • onSecurity Podcast
    • News
    • Videos
  • About Us
    • Why We Win
    • Our Mission
    • Our Clients
    • Leadership Team
    • Community
    • onShore Security Jobs
    • Press
  • Contact

Why Your Employees Are Your Greatest Cyber Security Risk

April 21, 2017 By Josh Eklow

The Human Element

cyber security ChicagoYour cyber security team in Chicago must consider human error when security measures and policies are implemented. If it doesn’t, the widest possible potential for threat will be wide open. Did you know that approximately 95% of all security breaches are rooted in an internal error, be it intentional or unintentional?

There are a few reasons for this. Not all security breaches are intentional. In fact, most of them are not, and that will be the primary discussion in this writing.

Lax Security

How are your passwords stored? Employees aren’t keeping them on a file in their computer labeled “passwords,” are they? What are your passwords? Are they something easy to remember like “qwertyuiop,” or “1234567890,” or “God69,” or something like that? Or are they an encrypted bevy of characters and symbols which requires a brute-force program to compromise? You want the latter. You should at the very least have these aspects in your login passwords:

  • Symbols Like “$” or “!”
  • Capitals
  • Numbers
  • Eight Or More Characters
  • Unconventional Configuration

So, an example of the proper format would be: “Password10!”, but that would be a bad password because it’s easy to crack through trial and error. There’s a list of the 25 most common passwords, and the truth is, if you just go down this list, you’ll be able to break into most systems. This is one way many businesses who have otherwise effective cyber security in Chicago are routinely hacked by cybercriminals.

The Internet Factor

But even if you’ve got the most secure password techniques, you must additionally train staff on proper internet usage protocols. They’re going to get emails from scammers trying to “phish” information. The better scammers will obtain login info from one method or another and sit on it until they can go “whaling.”

Whaling is a means by which administrative employees have their information hacked, and large sums are transferred, stolen, or otherwise disseminated in a means which compromises operations. It works like this: a hacker will send out an email throughout a given operational floor which usually contains iterations of known names. Bill Johnson and Steve Jacobs become Bill Jacobs or Steve Johnson, followed by “@yourorporationsemail.com.” Sometimes, hackers will even use the names of supervisors, but with a different ending address. So instead of supervisor MaxPlanck@yourcorporationsemail.com, they’ll have MaxPlanck@misspelledcorporationemail.com. This looks very similar and is hard to catch.

Contained in the email is a link which prompts the user to enter their login information. The hacker gets it, then combs through their emails on the sly until they can find login information for administrative personnel. They jump up the line, then use that administrative email to requisition funds from those near the top who have access to some real money. The “whale” of a hacking “haul.”

Notice that this is done completely within the bounds of conventional security. It doesn’t matter how good your anti-malware or anti-spyware or anti-virus software is if a hacker is clever enough to exploit simple human weakness.

Outsmarting Hackers

Cyber security in Chicago needs to be informed by agencies that understand the landscape, as well as the trends transitioning through it. The cyber landscape transitions with technological innovation. Common hacking ruses are routinely replaced by new ones as the old are found out. What you need is security solutions like ours at onShore Security. We understand the landscape and can help you safeguard your business in a perpetual way incorporating the human element into preventative measures. We at onShore offer top-tier solutions, and will assure you remain secure. Contact us for solutions against even the human element.

Contact us to learn more about managed security services

Filed Under: Cyber Security, Cybersecurity Chicago, IT Security Chicago, Network Security Chicago Tagged With: cyber security, cyber security Chicago, IT consulting Chicago, it outsourcing Chicago, it security Chicago, IT security employees, IT support Chicago, managed it services Chicago, network security Chicago

312-850-5200

216 W. Jackson Blvd.
Chicago, IL 60606

info@onShore.com

  • Email
  • Facebook
  • LinkedIn
  • Twitter
  • YouTube
  • Home
  • Managed Security Services
  • Jobs