For twenty years, hackers have tried to breach organization’s networks by finding or breaking holes in the network’s perimeter, or in exposed servers. This led to the cybersecurity industry creating software designed specifically to stop these threat actors in the act. This, in essence, created a situation where the perimeter of an organization’s network was extremely hard to breach. The problem was that as soon as something was able to get through the outer defenses, there was no end to the devastation a hacker could cause inside a network.
Phishing emails feel like a new cybersecurity phenomenon, but they’ve been around for a while. We all remember the old Nigerian prince email scam. It’s become a punchline but, as The Washington Post has discovered, these scams are stealing billions of dollars from U.S. citizens. Though tactics have changed, and cybercriminals have become more sophisticated, the philosophy behind a phishing attack is still the same. Lure someone into handing over confidential information.
When you think of a cyber attack, social engineering doesn’t jump to the top of concerns. But it’s a genuine threat, and it’s one you need to take seriously. Even the best network security precautions may not stop a social engineer from gaining valuable information about your business. Your employees are the front line of defense against social engineering, and they need to be aware of what to look for.