Network Computing Dark Reading

Advertise

DRTV

Optimizing the Security Awareness of Your End-Users

Get Link to this Video

Get HTML to Embed this Video

100%

End-users can be the weakest link in your infosec defense. But according to KnowBe4 founder and CEO Stu Sjouwerman, there is something you can do about that – if you implement the right behavioral diagnostics and focus your training needs on individual users’ actual weaknesses.

Comment |

Email This |

Print |

RSS

Comments

Newest First | Oldest First | Threaded View

[close this box]

100%

REISEN1955,
User Rank: Ninja
4/19/2018 | 9:37:44 AM

Quite true

Not only are end users the weak link but they are the PRIMARY link as well. All it takes is one user opening one infected PDF with ransomware and horror results. One problem is that firms would love to restrict web browsing to "company" approved sites which would be wonderful IF not for human nature and life itself. Unfortunately, life HAPPENS and while users should not free browse everywhere, some outside browsing WILL HAPPEN not matter what one says. Limit it wheneve and wherever possible. BTW - if a firm totally locked down browsing, then workers would start to quit in bits and pieces too. So you have to allow for that. Secondly, good education on spotting when things ARE going south would help and basic education on email protocol. If you can hit 95% knowledge transfer then you have a good situation.

Reply | Post Message | Messages List | Start a Board

Hot Topics

Editors' Choice

It Takes an Average of 3 to 6 Months to Fill a Cybersecurity Job

Kelly Jackson Higgins, Executive Editor at Dark Reading, 3/12/2019

Box Mistakes Leave Enterprise Data Exposed

Dark Reading Staff 3/12/2019

How the Best DevSecOps Teams Make Risk Visible to Developers

Ericka Chickowski, Contributing Writer, Dark Reading, 3/12/2019

Live Events

Webinars

More UBM Tech
Live Events

Drive Your Business and Career Forward at Interop19

Interop 2019 - The Unbiased IT Conference

Communications & Collaboration 2022 at EC19 Orlando March 18-21

White Papers

Dark Reading Report Roundup

Track & Secure Your Internet Attack Surface

AppSec: What Not To Do

Innovation & Opportunity: 3 Hadoop Trends That Will Affect Your Business

[Frost and Sullivan] IoT Security for Connected Space

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: LOL Hope this one wins

Cartoon Archive

Current Issue

5 Emerging Cyber Threats to Watch for in 2019

Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

The State of Cyber Security Incident Response

Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.

Download Now!

How Enterprises Are Developing Secure Applications

0 comments

How Enterprises Are Attacking the Cybersecurity Problem

0 comments

How Enterprises Are Using IT Threat Intelligence

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2019-6149
PUBLISHED: 2019-03-18

An unquoted search path vulnerability was identified in Lenovo Dynamic Power Reduction Utility prior to version 2.2.2.0 that could allow a malicious user with local access to execute code with administrative privileges.

CVE-2018-15509
PUBLISHED: 2019-03-18

Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2).

CVE-2018-20806
PUBLISHED: 2019-03-17

Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the login page (the /public/main.php action parameter).

CVE-2019-5616
PUBLISHED: 2019-03-15

CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user's web browser.

CVE-2018-17882
PUBLISHED: 2019-03-15

An Integer overflow vulnerability exists in the batchTransfer function of a smart contract implementation for CryptoBotsBattle (CBTB), an Ethereum token. This vulnerability could be used by an attacker to create an arbitrary amount of tokens for any user.

Terms of Service
Privacy Statement
Legal Entities