Log Management & SIEM for Security, Compliance, Operations | the dialog

It seems that every day we see a story in the news about an organization that has been affected by a data breach. And it also seems that these organizations may not have been maintaining a secure infrastructure with which to protect their data. Although this may seem illogical, this is often the case. An organization may have the stoutest and layered defense in place, but a well targeted attack, or “spear phishing” attack can bypass these controls quickly and easily. Since a task as simple as opening a malicious file in an email can compromise the data of an entire organization, this highlights the importance of an organization’s overall information security policy, specifically any administrative controls that may be in place.

These spear phishing attacks will often target specific individuals within an organization with emails that appear to be legitimate. If these email messages look authentic enough, they will often entice the recipient to open a malicious attachment, disguised as a legitimate document or spreadsheet. Once this is done, the attacker may potentially gain access to the recipient’s computer or beyond.

In this day and age, ensuring that your employees are knowledgeable and up to date on relevant security policies and procedures is critical to the reducing the risk of targeted attacks within your organization. This should begin with basic messaging to your employees that outlines your security policy, including acceptable use criteria and specifically outlining what to watch for in a potentially malicious email. In addition, annual or semi-annual testing or certification will also help to ensure that your employees are made aware of your security policies and have confirmed this knowledge.

This may seem like an overly simple and meaningless task, but it’s one that is often overlooked. While logical controls, like your firewalls, routers and IDS/ISP devices, will hopefully mitigate the majority of questionable messages and traffic patterns into your organization, knowledgeable and vigilant employees are often an important last line of defense in protecting your organization’s information assets.