The biggest threat to any organization is well known in the security world: Humans. It is humans who click malicious links, open poisoned attachments, and use weak passwords. It is humans who fall for business email compromise scams exploiting our basic tendency to trust. And it is humans who develop software and neglect to protect their code from every possible attack scenario.
Users make mistakes. Developers and vendors make mistakes. IT security and infrastructure teams make mistakes. What matters is understanding the nature of people and having a heightened awareness of potential issues that can arise from human error. Taking the time to create and update controls around this type of behavior will allow your organization to respond properly when the need arises.
In this month’s report, we take a look at the rising trend of business email compromise, Microsoft’s turnaround on patching the DogWalk zero-day vulnerability, the Zeppelin ransomware threat to healthcare, and how recent vulnerability disclosures should remind us to be prepared.