Archive for August, 2007

Network Nightmare #1 - Telephone Social Engineering

Wednesday, August 22nd, 2007

Over the past ten years, I have taken part in a large number of penetration tests, from both inside and outside organisations. Over this period several important themes have emerged, which, whilst apparently unrelated, contribute to the failure of organisations to adequately protect their information assets. My ‘top five network nightmares’ are a distillation of these ethical hacking experiences of the past ten years and represent my view of the most likely route an attacker would take to compromise your network security.

(more…)

Posted in Uncategorized | No Comments »

Building a Security Culture from the Top Down

Wednesday, August 22nd, 2007

Within most organizations, employees fall into two distinct tribes. On the one side there are the information technologists; on the other, the business users and managers.

Each tribe views the other with considerable distrust and exasperation. Technologists cannot understand the complacency with which business users view the internal and external threats to the organization. Meanwhile, the business users feel the technologists are intent on obstructing them in their work.

(more…)

Posted in Uncategorized | No Comments »



© Exaprotect. All Rights Reserved | Disclaimer | Privacy | Terms of Use

Entries (RSS) and Comments (RSS).