The Herman Trend Alert
November 1, 2017
Employees---The Greatest Cybersecurity Threat
As security measures become more effective, people are the greatest threat to cybersecurity. Writing this month for Stratfor, the global geopolitical intelligence platform, Scott Stewart, their Vice President of Tactical Analysis was very clear about the danger of the human element.
A personal story informs this Herman Trend Alert
Back in 1999, Roger Herman, my late partner, and I learned a difficult lesson. A man answered an ad we posted looking for a marketing manager. He claimed to be a "reformed" alcoholic, whose alcoholism had ruined his life; he was looking for a second chance. Unfortunately, one day he came back from lunch slightly drunk, clicked on the wrong email, and released the Melissa virus into our system. We lost three manuscripts that day for which we still do not have ebooks. People are clearly the weakest link in cybersecurity.
Phishing---still a prevalent form of attack
The example above was clearly an example of phishing in which the victim clicks on a URL and that sets off the downloading of a virus or other program to the target computer. A more insidious form of this evil tactic is called spear-phishing. Highly targeted, this method uses an advanced form of social engineering to deliver malware. Using the target's name, this under-handed approach often looks like it is from a trusted friend, co-worker, or boss. A very sophisticated form of spear phishing was recently used to hack sensitive information on the target's clients. Sometimes called a "virtual honey-trap" operation, this type of approach illustrates how social engineering approaches may be used to trick people into unintentionally supporting cyberhacking. And the newest form using social engineering to scam a company is called the "fake president fraud". This scam features an email that appears to be from the CEO or another senior company officer directed to an accounts payable executive; this fraud requests "the urgent and secret transfer" of funds.
Smugglers, "Office Creepers" and other criminals
Hackers have also used onsite means of gaining access to sensitive information by claiming to have forgotten their credentials to return to a building after a smoke break or even bribing employees for needed access. Then, with a single malware-infected flash drive, hackers can corrupt a system with the needed software to take over and have access to every file in the computer. Warn your people to be on the lookout for such attacks.
Are you vulnerable?
If you have an employee, any employee who is not paying attention, the answer is "You bet!"
The only things you can do are 1) Keep you virus software up to date; we like automatic updates behind the scenes best; and 2) Alert your people to the most current threats; encourage them not to open an email, if they do not know the sender and even if they know the sender, if something does not seem right, send a separate email to the sender, asking if s/he recently emailed with a particular message.
Cybersecurity---a great career path for the near-term future
Cyberhacking is not going away and moreover, we expect it to become increasingly sophisticated. When asked recently for the most secure career path in this fast-automating world, we suggested Cybersecurity. This field will grow exponentially in the near-term future and provide millions of jobs for graduating students who are savvy enough to gravitate towards this field.
What's next?
As cybersecurity technology becomes more sophisticated, hackers will increasingly look for ways to capitalize on the human element. People will continue to be the weakest link.
Special thanks to Scott Stewart at Stratfor for his informative and consciousness-raising article on cyber threats.
© Copyright 1998-
by The Herman Group, Inc. -- reproduction for publication is encouraged, with the following attribution: From "The Herman Trend Alert," by Joyce Gioia, Strategic Business Futurist. 1.336.210.3548 or https://hermangroup.com. To sign up, visit https://HermanTrendAlert.com. The Herman Trend Alert is a trademark of The Herman Group, Inc."
HEAR JOYCE SPEAK TOMORROW AT 11:30 AM EDT
Tomorrow morning, Joyce will be a Fireside Chat Speakers at the Brightside Business Women Empowerment Virtual Conference where she will talk about how business women can use the insights from her new, groundbreaking book, EXPERIENCE RULES, to be successful. Register for FREE at https://brightsideglobaltrade.org/women.
GET COACHING FOR YOUR PEOPLE FOR LESS THAN $1/DAY!
Gain access to dozens of coaches for the same low price. Find out more by visiting https://ingomu.com/joyceg
JOYCE IS ON THE RADIO EVERYDAY NOW
To listen to Joyce's TV shows on the radio, simply visit RadioFutures.com. Joyce's show is streaming every day at 3:00PM Pacific Time.
To read this Herman Trend Alert on the web: https://hermangroup.com/alert/archive_3-29-2023.html.
Herman Trend Alerts are produced by the Herman Group, strategic business futurists, Certified Management Consultants, authors, and professional speakers.
New subscribers are always welcome. There is no charge for this public service. The Herman Trend Alert is read by over 30,000 people in 90 countries, including other websites and printed periodicals. Click here to sign up for the Herman Trend Alert.
Do you enjoy receiving this weekly e-mail update? Contact us about our co-branded Herman Trend Alert service.
Subscribe or Unsubscribe to weekly Herman Trend Alert
View this week's Herman Trend Alert
Archived Weekly Herman Trend Alerts