[–] ilovepussy 0 points 2 points (+2|-0) ago 

This is a huge problem. User education, aggressive filtering, and top-line anti-virus/anti-malware protection are a good start. Deprecating user rights, limiting access, and requiring frequent password changes, along with active monitoring, can go a long way toward reducing these threats.

[–] ChillyHellion [S] 0 points 2 points (+2|-0) ago 

What gets me is the proud determination not to learn. I can understand people making mistakes and wanting to do better, but it's common to hear people dismiss computer literacy as something that only young people understand. My reply is always that computers were around before I was born, so as far as I'm concerned they had a head start.

[–] ilovepussy 0 points 1 points (+1|-0) ago 

That's where the carrot and stick come into play. I used to give out candy bars to people who notified me of phishing attacks when we were testing. Now it rolls into our monthly safety incentives: if they click, they lose out, and if they click they have to go through the training again. It only takes about 2 times for someone to have to sit through a 45-minute phishing training video and then pass a test to stop clicking on shit. I haven't had a user that had to do it 3 times yet.

[–] pyres 0 points 2 points (+2|-0) ago 

This is a huge problem. User education, aggressive filtering, and top-line anti-virus/anti-malware protection are a good start. Deprecating user rights, limiting access, and requiring frequent password changes, along with active monitoring, can go a long way toward reducing these threats.

It doesn't matter how much you spend, how much you train, or how much you filter; the weakest link is the stupidest employee who just has to open the attachment. They are also the reason social engineering is so profitable.

[–] ilovepussy 0 points 0 points (+0|-0) ago 

You're not wrong. That's why I listed user education first. This has to be robust and continual. KnowBe4 is a great product for this type of training. Our last 3 tests have been 100% compliant. This does not mean some ID10T user won't click on an infected attachment tomorrow, but that's what all the other stuff is for, and why monitoring is such an important piece.