When most people think about sophisticated robberies, images of masked, armed robbers dressed in black from head to toe enter their minds. What they don’t picture is an ordinary guy walking in off the street dressed in business casual clothes with clipboard and USB drive in hand. While not physically threatening or intimidating, this guy can actually represent a much greater risk to organizations. WikiLeaks is the perfect example.Read more
All the valuable PCI compliance insight aside, I found the statistics on the prevalence and value of targeted attacks to be especially interesting. We are frequently engaged to perform social engineering exercises for our clients, primarily to help them stress the importance of security policies, procedures, and communication to their employees.
While our generic email campaigns typically fool a few of the overly curious or too-quick-to-click crowd, the more informed (targeted) phishing campaigns are overwhelming effective to the point that we often need to reassure our clients that the world is not ending. Unfortunately, this report highlights the fact that targeted attacks are not just elements of security company sales talk.
Dominic Schulte currently serves as the Managing Director of Security Services & Consulting at TRUE, where he is responsible for the execution of a wide range of security and regulatory compliance services. Previously, Dominic worked with the National Security Agency (NSA) as a Global Network Exploitation and Vulnerability Analyst in the National Security Incident and Response Center (NSIRC). He holds CISSP, QSA and CNSS 4011-4015 certifications.
Connect with True
Most Recent Comments
- Java 7 Zero Day Exploit - Why Everyone Should Be Using a Web Proxy on Increase Windows Network Security Through Group Policy Software Installations
- Some Various Security Notes « 36 Chambers – The Legendary Journeys: Execution to the max! on Remote Desktop Vulnerability (MS12-020) Is the Worst of the Worst