Thycotic surveyed 250+ hackers at the August 2016 Black Hat conference and reported that “77% say no password is safe from hackers—or the government,” which is hardly surprising. The “Black Hat 2016: Hacker Survey Report” included these comments about training:
Extend IT Security Awareness Training
The weakest link in most organizations’ security is the human being. As more sophisticated social engineering and phishing attacks have emerged in the past few years, companies need to seriously consider expanding their IT security awareness programs beyond simple online tests or acknowledgements of policies. Especially as personal mobile devices are increasingly used for business purposes, educating employees on secure behaviors has become imperative.
The survey included some sound “advice to businesses that want to protect themselves from hackers, suggesting they start by implementing these key security measures”:
1. Limit Admin access to systems
2. Protect Privileged Account passwords
3. Conduct more IT security awareness training and education
4. Limit unknown applications from running on the network
5. Protect user passwords with security best practices
It makes sense to heed the advice from this hacker survey!