 |
| Image courtesy of Stuart Miles at FreeDigitalPhotos.net |
To accomplish this revenue generation, they perform their typical operating duties with the support of people, process, and technology to produce a product/service for customers to ultimately purchase. With this support comes a specific level of risk that must be considered to prevent any potential loss that could negatively affect the bottom line, tarnish the brand, or negatively affect customer loyalty.
For example, the Department of Veteran's Affairs had a laptop stolen from a consultant in 2006. The laptop itself may have been worth $1,000.00, but the data (PII) held on the laptop was worth much more. How much more? After litigation, the amount was a staggering $20 million dollars(1). I believe this incident affected the overall bottom line in some manner and tarnished the VA branding.
My main focus for this blog is to provide the reader with some additional knowledge on the topics of security awareness to assist with a cultural change. Examples of potential security awareness topics include but are not limited to:
- Social Engineering
- Shoulder Surfing and Dumpster Diving
- Passwords
- Encryption and Cryptography
- Mobile Devices
- Phishing/Vishing
- Training and Awareness
- Policies, Checklists, and Procedures
- BYOD in the Enterprise
- Cloud Computing
- Access Controls
- Physical Security
- Measuring Effectiveness
- Compliance Issues
Thank you for reading! Until next time, remember that you don't have to become a victim of a threat to become aware of a threat!
References:
No comments:
Post a Comment