Logo
PDF Print E-mail
Maturity of Hackers, IT Managers and End Users
February 23, 2010
Rick Shaw, CEO/President, Awareity

As stated in a previous article, maturity is a psychological term used to indicate that an individual responds to the circumstances or environment in an appropriate and adaptive manner.  The individual’s response is generally learned rather than instinctual and this maturity does not depend on one’s age.  An individual’s maturity encompasses being aware of the correct time and place to behave and knowing when and how to respond.

So let’s take a look at the maturity of Hackers, IT Managers and End Users?

Lessons learned clearly reveal the maturity level of Hackers is on the rise and their attacks are more and more sophisticated...and more successful too.   And a recent article in USA Today reported on how easy it has become for amateur hackers to steal 68,000 logons by acquiring sophisticated tools and utilizing proven resources and processes from more mature hackers.

So, are IT Managers adapting their management methods to keep pace?  I don’t think so and the number of escalating incidents prove that more needs to be done.

Are End Users mature enough to recognize and react to more sophisticated threats? Not even close.

A follow up article in the Technology Live section of USA Today included a security expert suggesting that most organizations do not have continuous, real-time monitoring in place to detect these threats.  The security expert went on to say that many organizations are focused on defending perimeters and meeting compliance checklists while forgetting the true mission of security teams is to protect high-value corporate data.  I agree the true mission is to protect high-value corporate data…but the problem is not a Technology issue with continuous, real-time monitoring and defending perimeters.

If you understand how the attack went down, the gang hired a spamming specialist to send out e-mail lures to End Users enticing them to click on a corrupted web link that infected their PCs.  Is this a Technology problem?  Is this an IT Managers problem?  Is this an End User problem?

I ask people these questions often and many people answer that it is an End User problem.  Do you agree?

Don’t IT Managers or perhaps Executive Managers have an obligation to ensure End Users are prepared to mitigate risks using a continuous, comprehensive, real-time awareness program for their End Users?  (Yes, according to numerous regulations, mandates and law suits.)

Unfortunately most organizations utilize once-a-year general training and blast out e-mails or newsletters with little or no accountability at the End User level.  What if organizations implemented anti-virus software on their PCs and updated it once-a-year instead of daily?

A continuous, comprehensive, real-time awareness program that requires End Users to acknowledge their understanding of guidelines, best practices and situational awareness of risks and threats will help End Users make better decisions so organizations can achieve better results.

Information Security programs must become more mature to keep up with the maturity and sophistication of hackers, risks and regulations. Is the maturity level of your organization’s information security program adapting and keeping up?

 

About Awareity

Awareity is a privately held organization founded in 2002. Awareity's innovative e-Management solutions empower organizations to 'connect the dots' and offer a unique focus on implementing lessons learned across several critical areas of business – compliance, information assurance, public safety, emergency management, enterprise risk management and reputation management.

Awareity’s solutions are helping organizations across multiple industries - education, financial, government, healthcare and other critical industries – to achieve better results by ensuring lessons learned become lessons implemented and the right information is shared with the right people in the right place at the right time with accountability and auditability at the individual-level. Awareity's solutions simplify complex challenges, reduce current and ongoing costs and improve efficiencies as obligations continue to mount and budgets and resources are limited.

Better Knowledge.  Better Decisions.  Better Results.

www.awareity.com
 
TCA Home | ARTICLES | WEBINARS | SIGN UP | EVENTS | SPONSORS | PARTNERS | EXPERTS | ABOUT | CONTACT | PRIVACY POLICY | UNSUBSCRIBE | TCA RSS Feed

Copyright ©2009 The Compliance Authority, Inc.