As IT consultants, we’re pretty sure that we’re smart enough to recognize phishing attacks against us. We all get emails asking us to open invoices, confirm our bank account information, or perform other actions designed to separate us from our credentials and our money. But according to a consultant specializing in penetration testing, 40% of us will still click-through to a malware payload. That’s a statistic I learned at a recent Society of Information Management (SIM) presentation of “FBI – State of Cybersecurity.”
Acting Supervisory Special Agent Brian D. Jackson of the St. Louis FBI field office was the featured speaker for the night, and he delivered a super interesting talk on trends in cyber crime that was followed by open discussion with local security professionals. Besides the 40% click-through statistic, here are four other security takeaways that all of us can use:
- InfraGard is an FBI-to-Business website designed to prevent hostile acts against the U.S. by collaboratively sharing intelligence information with businesses, academia, and other local governmental agencies. This is a free service that anyone can sign up for.
- The Internet Crime Complaint Center is another free FBI resource that anyone can use to report possible internet crimes. When citizens or businesses register complaints, both parties receive value. The citizen gets some follow-up on the issue, and the FBI gets valuable intelligence that can be pattern-matched to help find and bring perpetrators to justice.
- A critical part of any security infrastructure must include a Security Information and Event Management (SIEM) system. This is a prerequisite to detecting, understanding, and recovering from any kind of breach. If you don’t have this, you’ll never figure out what happened, what data was exfiltrated, etc. In its simplest sense, a SIEM system provides you with sophisticated logging that you can use to correlate and make sense of the various security-related events that are continuously generated throughout the day. Perficient partners such as Splunk and IBM offer SIEM systems that provide a wide variety of functionality.
- Now that the United States financial service industry is (finally) implementing chip cards, pressure from cybercriminals will move from cards to e-commerce. That’s us – let’s all make sure that we adhere to secure-coding practices and secure architectural design patterns.