First page Back Continue Last page Summary Graphics

Who are you defending against?

Insider - 60-80% of all security violations are caused by "inside jobs." Whether due to malice, such as a disgruntled employee, or due to ignorance, such as taping passwords to the monitor or leaving a system logged in, the user is the cause of the bulk of the security incidents in a corporate environment. One of the most common methods of exploiting this is called social engineering. An example of this is the cracker calling a secretary and saying "This is Joe from Network. We're having mail problems and I need your password so I can test it." At this point, "Joe" has a password and can use this to systematically attack your network using it. Kevin Mitnick was a classic example of this style of attack.

Who are you defending against?

Notes: