The CIA email hack and the danger lurking in your organization

Share on facebook
Share on twitter
Share on linkedin
Share on email
Share on whatsapp

The first rule of cyber security is identifying what data you need to protect and where it resides.  Hillary Clinton was using private email for official business and her sensitive files exist on a backup server not controlled or protected by the government’s IT staff. Now a high school student reportedly used social engineering to call Verizon, reset the password to CIA Director John Brennan’s email, and was able to gain access to emails and attached documents that contained information about interrogation methods, security clearance, and records of agency staff.

Think about the types of data your organization likely maintains that may not be protected under a compliance mandate – including personal data on staff, client information, proprietary data on your pricing or processes.  Even if you do maintain financial accounts, credit card data and/or medical records and feel you have adequate controls via compliance requirements, have your staff from the CEO to the mail room all been given ongoing cyber security awareness training?  It may seem obvious not to send a credit card number via email, or upload a medical file to a publicly accessible internet share, but it happens all the time –  usually because the user is not aware of the exposure they are creating by doing so.

Of course there are technical controls that can be put in place as well, but they cannot remove the need for  well-written cyber security policies and training around those policies and procedures for ALL staff.  And sharing of stories like the CIA hack, explaining how it happened, and driving home the reason why everyone needs to understand cyber security.

Foresite admin
Website | + posts

Sign Up For Our Blog

Get our latest content delivered to your inbox.

partner with foresite consulting to become a More Effective Leader

Develop the skills and strategies you need to take your company to the next level of success.

Search