Each time the security of an organization has been compromised, the link has always been humans. “We have designed technology to handle the worst scenarios. However, man is the weakest link that attackers aim at,” stated Avinash W Kadam, International VP, ISACA, at the fifteenth edition of IT.
Biz held in Bangalore. He illustrated, “One of the biggest breaches of security was on RSA, which prides itself in data security. They have undoubtedly designed the best of technology. However, the attack aimed at its employees. The attackers sent an email from the HR to the employees with a Trojan virus. In spite of the warning that popped up, they opened the attachment as it came from a trusted source”.
Employees at most organizations possess the skills design secure architectures, but are not enabled to face attacks. Since security of data is considered as one of the most important aspects of a business, enterprises should focus more on extensively training their staff and equip them with skills and knowledge required to spot attacks.
Moreover, enterprises should make sure they have enough man power to foresee and handle security breaches. “Today, there is a shortage of 4.7 million security engineers in the IT industry. This includes requirement for cryptographers, and engineers who can handle risk management, audit etc. Most people are interested in working on latest technologies like mobile, cloud and social media. As an industry, we should also focus on creating an interest in security,” Kadam ended.