This article was found in the National Journal and was written by Josh Smith on 14 September 2011. It can be found at http://www.nationaljournal.com/daily/analysts-financial-industry-vulnerable-to-cyberattacks-20110914
I found the article mainly rehashing what we already know. Current laws are not adequate to stop the loss of money and information. The lack of employee education and training also makes the attacks that much easier.
"In a Sept. 2 security bulletin, the Homeland Security Department warned that the hacker group Anonymous has been using social media to ask employees at financial institutions for help gaining access to their networks." (Smith, 2011)
So no matter what best practices are implemented by an institution, the recurring theme is that employees tend to be the weak link in the security plan. If this is a known deficiency, why does it seem that nobody talks about training the employees? I have never seen what institutions spend on training employees and giving customers a better awareness. Is this an accepted risk the financial industry is willing to take due to the cost?
No comments:
Post a Comment