Cyber security is a growing concern for any business. At least it should be.
Most companies correctly invest a great deal in securing their IT systems. They inspect data on the perimeter of their networks, servers and workstations, filter websites that may contain malicious software, and institutionalize policies assuring proper password protection.
The list of measures taken to secure data goes on and on. Yet, cyber criminals are still able to access data. How can they get past these security measures so easily? How can all of these measures be defeated so easily by someone halfway across the world?
The short answer is that they don’t always try to defeat those measures. They simply go around them.
Today, the number-one way hackers access data is by employing a tactic known as spear phishing. Their scheme involves learning as much information about a company as possible, and then using that information to convince someone on the inside to provide the data they are looking for. In short, they use information to manipulate our trust. Obtaining the necessary information to make the appeal is not difficult. Most employees post their job title and the name of their company on LinkedIn or other social media. Many companies list their executive teams on their own website, and sometimes include a bio and even photos. It’s ripe for the picking – by the wrong people.