35 (1).docx
Document Details
Uploaded by DefeatedRomanArt
Writing passwords on paper
No encryption software in use
Web browser warning of digital certificates: trust the CA?

Leads to data breaches. How?
Password cracking using stolen or weak passwords, via social engineering

Forms of social engineering:
- Phishing
- Smishing
- Vishing
- Whaling

PIN analysis
PINs are repeated, meaning more than one person will have the same PIN, as 4 digits limits the number of combinations.

Heat maps
- Yellow and white equals high frequency
- Red and black equals low frequency

The heat map tells us memorable PINs such as XY XY politicians are common:
- PINs starting with 19 or ending with 19 are most common
- Repeated numbers
- Symmetric numbers

The IBM Cyber Security Intelligence Index states that 95% of breaches are caused by human error, with phishing rising in numbers over the years.

Security is a process, not a product.

Human actors - all of these do not understand security enough:
- Designers: attacks such as Meltdown or Spectre on CPU chips
- Developers: Heartbleed or buffer over-read
- Assemblers: malware in products
- Distributors: malware in products
- Deployers as weak links: not changing default admin passwords
- Maintainers as weak links: missing or wrong patch management
- Policymakers as weak links: regular and mandatory password expiration
- Users

How to make people stronger in security?
- Social proof: when we don't know what to do, we copy other people. Leaders should act accordingly, then workers will also follow.
- Engage with positivity: tell them how dangerous it is without making them fear it. Spread empowerment, not fear.
- Build a champions network: needs herd immunity; it's how we frame communications.
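The PIN analysis notes above, turned into a policy check that flags the guessable patterns they list and measures how much of the 4-digit keyspace those patterns cover. This is an added example, not part of the original notes; the function names, the sample PINs and the readings of "repeated" (one digit four times) and "symmetric" (palindrome) are assumptions.

```python
from collections import Counter
from itertools import product

def pin_patterns(pin):
    """Return the guessable patterns (as named in the notes) that a 4-digit PIN matches."""
    if len(pin) != 4 or not pin.isdigit():
        raise ValueError("expected exactly four digits")
    found = []
    if pin.startswith("19") or pin.endswith("19"):
        found.append("starts_or_ends_with_19")
    if len(set(pin)) == 1:            # assumption: "repeated numbers" = one digit, e.g. 7777
        found.append("repeated_digit")
    if pin[:2] == pin[2:]:            # XYXY, e.g. 1212
        found.append("xyxy")
    if pin == pin[::-1]:              # assumption: "symmetric" = palindrome, e.g. 2552
        found.append("symmetric")
    return found

def weak_keyspace():
    """Count how many of the 10,000 possible PINs match at least one pattern."""
    return sum(1 for d in product("0123456789", repeat=4) if pin_patterns("".join(d)))

def shared_pins(pins):
    """PINs chosen by more than one person, with how many people chose each."""
    return {p: n for p, n in Counter(pins).items() if n > 1}

def flagged_share(pins):
    """Fraction of chosen PINs that a pattern-based policy would reject."""
    return sum(1 for p in pins if pin_patterns(p)) / len(pins)

# Constructed sample of ten users' PINs (not real data).
SAMPLE = ["1234", "1984", "1919", "4821", "1984", "7777", "2552", "0719", "4821", "9036"]

if __name__ == "__main__":
    print("guessable PINs in keyspace:", weak_keyspace(), "of 10000")
    print("PINs shared between users:", shared_pins(SAMPLE))
    print("share of sample rejected:", flagged_share(SAMPLE))
```

In the constructed sample the listed patterns cover under 4% of the keyspace yet catch more than half of the chosen PINs, which is the skew the heat map shows.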