#1. Posted by Bhavya
Humans are the weakest link in the security of an organization. In people's organization people are the weakest link because most of the threats to an organization happen due to the negligence of the employees, where there is also a certain percentage of small threats inside any organization. We are all humans and we make small mistakes, but small mistakes can cause major financial loss, and however advanced the technology is, it is maintained by humans. So however strong your organization's firewall is or however strong the anti-virus software is, people are more vulnerable than computers. The most common human mistakes are opening spam emails and attachments and clicking on unnecessary emails, which makes it easy for the hackers to interpret human behavior and hit on a network or an organization.
Most data breaches are due to human behavior. Outside perpetrators target employees to get information on client details, confidential information, source code, and blackmail, to demand a large amount to encrypt the data. The way to reduce the risk and damage is to train employees on how to look out for attacks by outsiders. Also, regular risk assessment of employees can reduce the cyber risk. Also, vulnerability assessment and penetration testing reduce the risk of any organization. The most important security is to eliminate the human intelligence, because however many trainings are given, they still do not match the intelligence of the hackers.
#2. Posted by Himakar
As humans, we all commit mistakes at some point or the other. But the problem here is that there are plenty of people who are trying to take advantage of a single silly mistake, which can cost your business tremendous financial loss. Advanced security practices, no matter how sophisticated, will always be constrained by our human factor. Perpetrators target employees to demand ransom by encrypting the data and files, to malign the public image of the firm, or to disrupt some service, thereby causing substantial damages on a large scale.
Attackers tend to go after low-hanging fruit. If a malicious hacker targets a system for whatever reason, they're going to follow the path of least resistance. That means they'll try to attack the parts of the system that look the weakest, and not the parts that look the strongest. Often, the weakest part of your system will be administrators, users or tech support people who fall prey to social engineering. Hackers generally use the means of social engineering to target various verticals like healthcare and e-commerce. Hackers tend to capitalize on the negligence of employees. It can be said that people are more vulnerable than computers in some situations. In fact, more than 50 percent of businesses got trapped in a social engineering attack in 2016.
Some of the strategies for reducing the risks should involve conducting regular people risk assessments of employees, which can reduce the cyber risk considerably, and using an incentive mechanism to foster employees' attention towards the security aspect. Periodic vulnerability assessment and penetration testing reduces the threat posture of the organization.