Cyber security professionals under spotlight
Cyber criminals and opportunist hackers are looking forward to a good Christmas as both end users and information security professionals become distracted and may let their guards down, says the not-for-profit industry body, the IISP (Institute of Information Security Professionals (IISP) (www.iisp.org)
“For would-be cyber attackers, Christmas is a time for giving and taking,” says Amanda Finch, general manager of the IISP. “They do their best to wrap up and disguise gifts of malware, while looking to take our sensitive data and hard-earned cash. It’s not just the innocent end users who need to be more aware of festive phishing emails and fake web sites, information security professionals need to stay focused and vigilant as attentions turn to celebrations and good cheer, not to mention the seasonal rise in flu, coughs and colds.” The IISP warns that skill shortages, reduced staffing levels and festive distractions can result in routine security activities such as patching not getting done or alerts being missed. The problem can be compounded if security teams try and take left-over leave when resources are already stretched. This can mean that operational cover is under intense pressure if major problems occur and projects can be delayed for up to a month.
For end users, increased employee browsing levels reduce productivity and risk overloaded systems and outages, but the main threat comes from increasingly sophisticated phishing emails – ranging from spoof delivery messages and declined credit card transactions to special offers and festive jokes.
“Cyber criminals are honing the art of social engineering and phishing to catch us out, particularly when our guards are down,” warns Finch. “With more ‘coming and going’ over the next few weeks, some threats can simply by-pass the network defences and walk in on two feet through the front door to plant an unwanted present of a Trojan. There needs to be more online and physical risk awareness and vigilance at this time of year, if we are to avoid the post-Christmas blues.”