https://urgentcomm.com/wp-content/themes/ucm_child/assets/images/logo/footer-new-logo.png
  • Home
  • News
  • Multimedia
    • Back
    • Multimedia
    • Video
    • Podcasts
    • Galleries
    • IWCE’s Video Showcase
    • Product Guides
  • Commentary
    • Back
    • Commentary
    • Urgent Matters
    • View From The Top
    • All Things IWCE
    • Legal Matters
  • Resources
    • Back
    • Resources
    • Webinars
    • White Papers
    • Reprints & Reuse
  • IWCE
    • Back
    • IWCE
    • Conference
    • Special Events
    • Exhibitor Listings
    • Premier Partners
    • Floor Plan
    • Exhibiting Information
    • Register for IWCE
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookie Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • Mission Critical Technologies
    • TU-Auto
  • In the field
    • Back
    • In the field
    • Broadband Push-to-X
    • Internet of Things
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Call Center/Command
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Network Tech
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Operations
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Regulations
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • Organizations
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
Urgent Communications
  • NEWSLETTER
  • Home
  • News
  • Multimedia
    • Back
    • Video
    • Podcasts
    • Omdia Crit Comms Circle Podcast
    • Galleries
    • IWCE’s Video Showcase
    • Product Guides
  • Commentary
    • Back
    • All Things IWCE
    • Urgent Matters
    • View From The Top
    • Legal Matters
  • Resources
    • Back
    • Webinars
    • White Papers
    • Reprints & Reuse
    • UC eZines
    • Sponsored content
  • IWCE
    • Back
    • Conference
    • Why Attend
    • Exhibitor Listing
    • Floor Plan
    • Exhibiting Information
    • Join the Event Mailing List
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Terms of Service
    • Privacy Statement
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • TU-Auto
  • newsletter
  • In the field
    • Back
    • Internet of Things
    • Broadband Push-to-X
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Cybersecurity
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
acc.com

Enterprise


Article

The weakest link (with related video)

The weakest link (with related video)

Enterprise communications networks often are victimized by those who use them.
  • Written by
  • 1st January 2012

As information security technology continues to advance, it is not difficult to believe that human error represents the biggest threat to the ability of such technology to protect an enterprise's communications network. Indeed, there are more than enough examples of human interactions compromising high-profile security systems, yet many executives retain a false sense of security that comes with the latest threat-monitoring technologies.

Consequently, IT security systems may be the foundation for a strong protection plan but they are hardly the full solution. All it takes is for one employee to click on a targeted phishing e-mail and everything could be lost. So what do companies need to consider in order to cover all the bases when it comes to information security?

The first step is coming to terms with the countless threats posed by simple human behavior. Organizational leaders — the ones who have access to sensitive information — often hold an improper sense of their role in security. While executives may be aware of possible security threats, they often see themselves as protected by the IT department and their organization's security infrastructure. The fact that they ultimately are a vital participant in the security process is often ignored, which drastically increases the chances of a crucial mistake.

This phenomenon often translates to company business processes as well. This is especially true when it comes to cost concerns. Often, should a cybersecurity process add costs, slow workflow or be perceived as extraneous, it will not be stressed as an important operational guideline. Small businesses especially are susceptible to this, as revenue often is limited and security attacks often are viewed as a low possibility. Employees on a time crunch often feel the same way. While they may have knowledge of security protocol, it isn't always their top consideration while working on a project.

The result is the security gap that hackers seek. A study by Internet security–awareness firm KnowBe4 found that 43% of tested employees clicked on a simulated phishing or malware attack link. Another exercise, conducted by the Department of Homeland Security last June, found that 60% of workers plugged a USB device that they found in the parking lot into their office computers. When the device was imprinted with an official logo, the number of installations jumped to 90%.

These incidents, frightening as they are, represent just a few of the ways that hackers are exploiting human behavior to acquire company data. As mobile, cloud computing and social media technologies continue to grow, so will the security concerns associated with them. Another top security problem that every business potentially could encounter is a disgruntled employee walking out the door with company secrets.

For all of these reasons, a strong information security system must evolve continually. Moreover, while there is no guaranteed solution, organizational leaders must incorporate the human element into their cybersecurity plans.

One way to accomplish this is through periodic reviews and audits of regular business policies and procedures. Comprehensive security protocols teach leadership proper responses to cybersecurity incidents. Regular reviews and updates to these guidelines keep sound information security behavior both current and top-of-mind.

The next step after proper procedures are put in place is training. This also should occur regularly, as random reminders often get ignored. Instead, set up granular training exercises designed specifically to address problematic security behaviors. Senior leadership should not get a pass on these training requirements. In fact, any employee who has access to secure data is the most likely to be attacked.

Of course, there are costs to implementing proper security measures and companies need to find the right balance between human and technological elements. There is no doubt that the newest security technology will come at a price. Human-based security procedures have their consequences as well, usually in the form of less privacy in the workplace. But in order to protect secure information, employees must be made aware of what data the company owns, where they can access it and who ultimately will be responsible for it.

On a higher level, more work needs to be done to pinpoint the human behaviors that cause information security breaches. As new technology continues to emerge, organizations need to better understand how employees use these devices and what procedures will help eliminate the security threats associated with them. Security technology itself also needs to better recognize potential threats and indicate danger to the users. An improvement in both human interactions and recognition technology significantly can cut down the common-sense mistakes that often lead to breaches.

Indeed, the responsibility of information security lies with each and every employee. Senior leadership needs to familiarize themselves with their employees and trust they can take the proper precautions to protect sensitive information. Criminals take the time and energy to identify key stakeholders and target their attacks. Management should be identifying those same stakeholders to better educate them on security procedures.

The fact is that human vulnerability always will exist within the context of information security. Organizations willing to invest in proper protocol and training can help reduce those threats, but they cannot afford to grow complacent. Stay up to date with the latest security news and pass relevant information down to all levels of employees. Resistance to change, individual scrutiny and human curiosity are the biggest hurdles in cybersecurity — but they are hurdles that must be cleared in order to ensure an organization remains protected.

Jeff Schmidt is a two-decade veteran of the information security industry and the founder and CEO of JAS Global Advisors LLC.

Tags: Data Network Security Enterprise Security Software Article

Most Recent


  • FAA approves beyond-visual-line-of-sight (BVLOS) flights in North Dakota
    The unmanned aerial vehicle (UAV) avionics company uAvionix received Federal Aviation Administration approval to conduct advanced beyond visual line-of-sight (BVLOS) flights of small UAVs in North Dakota.  The flights will be conducted at the Northern Plains Unmanned Aerial Systems (UAS) Test Site (NPUASTS) in Grand Forks, one of seven FAA-run UAV test sites in the U.S., using […]
  • AT&T boasts of core 'white box' success in 5G, fiber push
    AT&T said it has now migrated more than 52% of all of its production traffic onto next-generation “white box” core routers running on products from the likes of Broadcom and DriveNets. The company said its move to such “open” systems has helped its aggressive 5G and fiber expansions. “We announced the next-gen open disaggregated core routing […]
  • Federal agencies infested by cyberattackers via legit remote-management systems
    It has come to light that hackers cleverly utilized two off-the-shelf remote monitoring and management systems (RMMs) to breach multiple Federal Civilian Executive Branch (FCEB) agency networks in the US last summer. On Jan. 25, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) released […]
  • MCPTT interworking for critical communications
    The goal of mission-critical communication systems is to minimize the response time of first responders in emergency situations across several agencies. A dedicated push-to-talk button offers an efficient mechanism that simplifies the speaker-to-listener process to a minimum. This feature is useful when coordinating large group activities and to enable the instant flow of tactical status […]

Leave a comment Cancel reply

To leave a comment login with your Urgent Comms account:

Log in with your Urgent Comms account

Or alternatively provide your name, email address below:

Your email address will not be published. Required fields are marked *

Related Content

  • New Orleans-area 911 center inks multiyear APEX deal with Carbyne to replace call-handling system
  • The weakest link (with related video)
    Newscan: Feds recover millions from pipeline ransom hackers, hint at U.S. Internet tactic
  • Cyber is the new Cold War, and AI is the arms race
  • Private wireless networks in the US start going public

Commentary


How 5G is making cities safer, smarter, and more efficient

26th January 2023

3GPP moves Release 18 freeze date to March 2024

18th January 2023

Do smart cities make safer cities?

  • 1
6th January 2023
view all

Events


UC Ezines


IWCE 2019 Wrap Up

13th May 2019
view all

Twitter


UrgentComm

FAA approves beyond-visual-line-of-sight (BVLOS) flights in North Dakota dlvr.it/ShgxHW

30th January 2023
UrgentComm

AT&T boasts of core ‘white box’ success in 5G, fiber push dlvr.it/Shgb4w

30th January 2023
UrgentComm

Spending American Rescue Plan Act funds: A primer for municipalities dlvr.it/ShgZ52

30th January 2023
UrgentComm

AT&T wireless growth keyed by FirstNet—now provides 24,000 agencies with 4.4 million connections dlvr.it/ShY5qH

27th January 2023
UrgentComm

Report: Remote work causing offices to empty, but walkable cities still in high demand dlvr.it/ShXM7Z

27th January 2023
UrgentComm

AT&T FirstNet unleashes robotic dogs for emergency services dlvr.it/ShW7p8

27th January 2023
UrgentComm

Federal agencies infested by cyberattackers via legit remote-management systems dlvr.it/ShVhn3

26th January 2023
UrgentComm

How 5G is making cities safer, smarter, and more efficient dlvr.it/ShVS1h

26th January 2023

Newsletter

Sign up for UrgentComm’s newsletters to receive regular news and information updates about Communications and Technology.

Expert Commentary

Learn from experts about the latest technology in automation, machine-learning, big data and cybersecurity.

Business Media

Find the latest videos and media from the market leaders.

Media Kit and Advertising

Want to reach our digital and print audiences? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • American City & County
  • IWCE
  • Light Reading
  • IOT World Today
  • Mission Critical Technologies
  • TU-Auto

WORKING WITH US

  • About Us
  • Contact Us
  • Events
  • Careers

FOLLOW Urgent Comms ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.