Why Security Awareness Alone Won’t Stop Hackers
- Michael Trotter-Lawson
- Mar 2, 2015
- 1 min read
On one level, I agree with the general premise of this article in that certain attack vectors cannot be addressed by better end user awareness training alone. The very nature of a “low and slow” attack is deceptive and difficult to defend against, but their are methods to address it including close monitoring of critical systems using a baseline system function approach. That said, awareness training remains vital and still effectively defends against many of the most successful attack vectors including social engineering and access control compromises.