In the past, Harvard relied on defenses that were not dynamic when it came to security. This is good news, because it gives organizations a fighting chance to defend against cyber-attacks. This is because, most cyber-criminals are not sophisticated hackers, rather, criminals of opportunity who use unsophisticated methods, like phishing attacks, or the stealing of username/password credentials to find weak points within systems to penetrate. Although Harvard was unprepared, we still believe that most organizations that face cyber-attacks are also unlucky. Additionally, they fail to do proper threat modeling to mitigate these threats. The reality is, before the university was attacked in 2015, like the other unlucky subjects before and after us: Sony and Target in 2014,The Office of Personnel Management 2015, and the Democratic National Committee in 2016, most organizations attacked don’t anticipate or have a keen understanding of the threats they face. Some of the questions we sought to answer were: how prepared are we in the event of a cyber-security intrusion or breach, and are we doing everything we can be to deter or put up strong defenses against cyber-attacks? Our team concluded that we still have work to do in many areas, but none more important that tackling the human factors to security. In efforts to continue improving upon our cyber-security practices, our team just completed another audit to understand how secure our cyber-security practices are.
0 kommentar(er)
