It has been two years since we first heard about one of the largest data breaches in the history of the federal government, hitting the Office of Personnel Management (OPM) and exposing the sensitive personal information of more than 22 million current and former employees. What's happened since then?
People go to work to do their job. They have meetings to attend, calls to make, tasks to complete, quotas to reach, and much more. So they can’t be bothered with worrying about information security. However, their habits – good and bad, innocent or malicious – are putting their employer’s business at risk. All it takes is one poorly made decision, or maybe even the lack of a decision in many cases, to damage or even destroy a business.
Ahhh yes, our employees. We love them dearly, but sometimes they do things that put the company at risk of a data breach or other cyber attack. I reached out to the InfoSec community to help me capture some of the more common scenarios and troubling cases where employees could cause a company harm, both unknowingly and maliciously.
In today's breach-a-day environment, should companies issue penalties to insecure employees? Preempt’s Heather Howland thinks so. But just how severe should these penalties be? Let's find out.
Modern enterprise is a perpetual tug-of-war between security and convenience. And the latter is winning. What’s an administrator to do?
Many SMB employees out there put themselves – and their sensitive data – in harm’s way because they are unaware of the risks and the proper security measures to take. In fact, in many data breach cases, human error is often the culprit.
How can education be used to produce the next generation of cybersecurity experts? The National Initiative for Cybersecurity Education (NICE) is bringing solutions and networking opportunities to Kansas City in its annual NICE Conference and Expo.
Psychology skills are supplanting technical skills as a critical hacker skill. "A culture of security is in place when rhetoric is replaced with action," says Gene Fredriksen CISM, CRISC and VP & CISO, PSCU.