About Us | Contact Us
View Cart

Update Your Threat List!

By Vigilize | Tuesday, January 26, 2010 - Leave a Comment

If you are looking to update your security awareness training materials (and in some cases, your Acceptable Use Policy), here is an EXCELLENT article that can help.

Tony Bradley of PC World hits the nail on the head with an article that delineates eleven “hidden” security threats. To help you realize how fresh these threats are (at least most of them), I’ve listed them as follows:

    1. Shortened URLs (like bit.ly or tinyurl)
    2. Data Harvesting of Social Media profiles
    3. Social Network Imposters
    4. Web Snooping
    5. Scareware
    6. Trojan Horse Texts
    7. Lost Laptops
    8. Rogue Wi-Fi Hotspots
    9. Weak Wi-Fi Security
    10. Endangered Data Backups
    11. Unpatched Software (not just Windows)

The author goes on to detail five security myths that I intend to use in my awareness training this year:

    1. I don’t have anything the attacker would want
    2. I have AVS installed, so I’m safe
    3. Security is a concern only if I use Windows
    4. My router has a firewall, and thus I’m protected
    5. I have nothing to worry about, I only visit reputable sites.

I’ve actually heard each of those five myths . . . I call them excuses myself . . . in the past couple of months. It could be that with the holidays I was around a lot more non-bankers.

Finally, as if to polish off an already good article, Mr. Bradley then provides a set of excellent resources that should be added to anybody’s link collection.

Not only does Bradley explain the vulnerabilties, and why they are vulnerabilities, but he also offers suggestions for how to mitigate risk of exploitation.

The only thing I found slightly negative about the article is that when I went to tweet it using infotexnow, the NetworkWorld webpage it was on automatically plugged a shortened URL.

Whoops! Not really practicing what we preach, but we can’t hold that against the author! The web people need to read the articles they’re posting!

Instead of blaming the author, I recommend that EVERYBODY check out this article. Not only is it well-written, but it makes a concise resource for ISOs.

Get it here!


Posted by Dan Hadaway, CISA, CISM
Managing Partner
Infotex, Inc.

Latest News
    A new way of helping people “read” new guidance… Look for more in the future! To save you time, we are proud to present “Adam Reads” . . . recorded versions of our Guidance Summaries! Below you can find an embedded player for the audio file. If you are having issues with that working, you […]
    Top 7 Trend Articles of 2022. . .  . . .For ISOs of Small Financial Institutions. Welcome to our annual T7 article:  a list of our favorite trend articles from the past year.  Our intent: help you organize your thoughts as you work through your strategic planning process.  We hope reviewing these articles will help […]
    PRESS RELEASE – FOR IMMEDIATE RELEASE BUSINESS NEWS Dateline: Dayton, IN, July 26, 2022 infotex is proud to announce a new convention sponsorship with the Bluegrass Community Bankers Association. Headquartered in Kentucky, BCBA protects the Kentucky community banking industry through legislative efforts at the State level and in coordination with the ICBA at the national level. […]
    Another awareness poster for YOUR customers (and users).  Now that we have our own employees aware, maybe it’s time to start posting content for our customers! Check out posters.infotex.com for the whole collection! Download the large versions here: Awareness Poster (Portrait) Awareness Poster (Landscape)   You are welcome to print out and distribute this around […]
    While we’re not a news service, we often use current events to comment on trends and our services. This blog is intended to get people thinking about topics and trends in Technology Risk Management, through our article reviews, as well as through original blog articles about current events and our MSSP services (such as our […]
    Today we present a special BONUS awareness poster for YOUR customers (and users).  This update to the April 2022 Awareness Poster takes some cues from the Dan’s New Leaf article: Why Local? Now that we have our own employees aware, maybe it’s time to start posting content for our customers! Check out posters.infotex.com for the […]
    Awareness is 9/11’s of the battle, if we use it! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . One of my old college buddies hates banks.  He was turned down for a loan a long time ago and just can’t let go.  I actually […]
    PRESS RELEASE – FOR IMMEDIATE RELEASE SERVICE NEWS Dateline: Dayton, IN, June 22, 2022 We are proud to announce that infotex will now be supporting Endpoint Detection and Response (XDR/MDR)! We can manage/monitor solutions you already have or offer one as part of our service while still maintaining a segregated response posture. In recent years […]
    Over 85 percent of surveyed companies report having no  centralized monitoring of networked industrial devices… An article review. If you are involved in IT within your organization, you’re probably aware of the importance of being able to monitor relevant activity from your networked devices, especially if your organization is involved in healthcare, finance, or government.  […]
    Another awareness poster for YOUR customers (and users).  Now that we have our own employees aware, maybe it’s time to start posting content for our customers! Check out posters.infotex.com for the whole collection! Download the large versions here: Awareness Poster (Portrait) Awareness Poster (Landscape)   You are welcome to print out and distribute this around […]