17 Jun 2011
Simon Romp
While the debate rages on as to whether the recent attack on the IMF (International Monetary Fund) was indeed a state-sponsored attack, the security industry should focus its efforts on thinking about how to prevent these types of attacks in the first place. It seems that the IMF has fallen victim to spear-phishing whereby specific people within the organisation were targeted with scam emails which then deliberately infected their PC.
This scenario highlights the critical role of user education and the need for tools to monitor users and machines on the corporate network. Empowering staff with information, trust and an understanding of data loss prevention demonstrates that they have an important part to play in protecting the organisation from the threat of data loss.
Know your Insider
Tools should then be used to verify compliance with information security poicies. The ultimate goal is to get staff to treat company data with the same respect they have for their own personal data. In many ways, your employees are your last line of defence so they should be armed with the right weapons to take the fight to the fraudsters.
____________________________________
This blog first appeared on Finextra. Click here to see the entry on the Finextra website
