Teach employees to think for themselves. Security is everyone's job and security executives are reaching for new ways to encourage employees to trust their judgment, and to question practices they believe may increase risk. This is particularly important for middle managers, who frequently make decisions weighing security risk against potential business gains. Some companies are training IT helpdesk personnel to take a more proactive role in security and security education.
The Dartmouth report says the concurrent trends of consumers bringing their own devices and using cloud and online services of their choice coincides with rising threats. "Attacks targeting individuals are growing more sophisticated and persistent. The market for illicit information is more active and organized than ever, so that stolen data are more easily moved and more readily converted to cash. The ability to quickly disseminate information via social media, without regard for the gatekeepers of old media, is an incentive for activist hackers," the report stated.
Sign up for Computerworld eNewsletters.