Home page logo
/

isn logo Information Security News mailing list archives

Where Did You Learn About Cybersecurity -- or Did You?
From: InfoSec News <alerts () infosecnews org>
Date: Fri, 7 Feb 2014 08:58:57 +0000 (UTC)

http://www.eetimes.com/author.asp?section_id=8&doc_id=1320907

By Carolyn Mathas
EE Times
2/6/2014

I just noticed the results of a report commissioned by the Institution of Engineering and Technology (IET) called "Using Open Source Intelligence to Improve ICS & SCADA Security." The report suggests that information that engineers place on social media, in blogs, and in papers is sufficient to mount cyberattacks. In this case, the attacks involved utilities. However, it shouldn't matter what industry is front and center -- only that this may be a side door in.

The basis for the IET's concern was a survey of 250 small and midsized enterprises. Half were aware of the government's Cyber Security Strategy, and just 14% said cyberthreats were "the highest priority."

I have a question: How have you been trained/warned/advised regarding the use of social media, written papers, articles, blogs, etc. and how they relate to security? This report concentrated on the UK, but life isn't that much different on this side of the pond.

Did you receive any university-level training regarding the role of the individual in security breaches? Was this a part of the new-hire training at your company? What did you learn, and where did you learn it, as to how much information is too much? Maybe this is covered in nondisclosure agreements you sign upon corporate entry as part of an HR exercise?

[...]



--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/


  By Date           By Thread  

Current thread:
  • Where Did You Learn About Cybersecurity -- or Did You? InfoSec News (Feb 07)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]