February - 20188GOVERNMENT CIO OUTLOOKIN MYOPINIONUsers, Don't Take The Bait!nformation Technology Security is a sum of many parts. Border security involves layers of security systems across multiple networks. Virus protection involves updated virus datasets and tools. Physical security involves facility access and locking down wall jacks. Wireless system security involves credentialing and transmission encryption. Data security involves hardened systems and at-rest encryption. But the hardest security threat to adequately cover is the user who inadvertently lets a hacker into their system by accident. This user attackconcept is very similar to a fun and relaxing sport, fishing. Everyone loves to fish. It is exciting the first time you set your bait and then cast the line into the water to catch your first fish. Unfortunately, within the technology world we live in today, we are the fish when it comes to the easiest way hackers can penetrate your systems defense. PhishingCoincidently, this user based attack is a homophone called "Phishing". Phishing is now the number one method for hackers to gain access to a computer or network. Phishing is the same concept as real fishing. A hacker will send "bait" in the form of an email with arequest for sensitive information or an attachment to open or alink to click on. Once the user takes the bait, the hacker exploits the user's action by gaining access to your computer. One of the first phishing attacks were performed by phone. Hackers calling individuals saying they are from an institution or organization. They ask for your credentials to accomplish some audit or to verify Martin P. Rose, CIO, Pinellas County GovernmentIByPhishing is now the number one method for hackers to gain access to a computer or network
< Page 7 | Page 9 >