On one level, I agree with the general premise of this article in that certain attack vectors cannot be addressed by better end user awareness training alone. The very nature of a “low and slow” attack is deceptive and difficult to defend against, but their are methods to address it including close monitoring of critical systems using a baseline system function approach. That said, awareness training remains vital and still effectively defends against many of the most successful attack vectors including social engineering and access control compromises.
top of page
Recent Posts
See AllI recently spoke about the FTC’s lawsuit against Chegg, a major education tech firm, in one of the weekly tech tips interviews I provide...
Multiple sources have reported the breach of Cisco’s own network, purportedly via a Cisco employee’s personal Google account. According...
I very much enjoyed this article from Pieter Danhieux via Dark Reading and this creative approach to the management of applications and...
bottom of page
Comments