Twenty-seven years later, computer viruses are everywhere and cyber crime is a
In response, organizations have turned to cybersecurity, or the practice of protecting computer systems by identifying and addressing vulnerabilities from various vantage points. "Hacking is big business," says
Coming soon is "Introduction to Cybersecurity", the college's first foray into Massively Open Online Courses (MOOCs). In it, Harnish details the three components of cybersecurity: technology, process and people.
The technological aspects of cybersecurity - firewalls, badges, anti-virus and intrusion detection software - often garner the most attention. Also key are processes which establish the framework of an organization's systems, describing what can and cannot be accomplished from a cybersecurity perspective.
However, the most vulnerable component of any computer system is humans, says Dr.
Addressing the "Human Element" in Cybersecurity
"Social engineering" refers to a criminal practice in which individuals or groups attempt to secure access to finances or other critical data through deception. This is often accomplished by employing a variety of false pretenses with a single objective: convince an employee to click on a link containing a virus, visit a malicious site, or even provide access to company hardware. In fact, criminals have been known to pose as a company technician in order to access an organization's mainframe.
"Companies and organizations need to focus on the human-side of the equation," said Dr. LeClair. "That means focusing resources on not just the latest anti-virus software but on the education and training of employees - the human element."
Social engineering has become such a problem, that hackers can even demonstrate their skills at Social-Engineer.org's Capture The Flag (CTF) contest at DefCon (http://www.social-engineer.org/defcon-social-engineering-contest/), a hacking conference started in 1993. There, participants work to gather information on a pre-determined targeted company via "passive" information gathering such as public websites, Google searches, etc. The purpose is to illustrate the ease to which private information can be accessed due to lax information security practices.
Most Popular Stories
- Apple Wants Samsung to Pay $22M for Patent Dispute Legal Bills
- Twitter Coming to Phones Without Internet
- NASA Fellowships, Scholarships Bring Diversity to Workforce
- Dish Network Leads 2013 Top 50 Advertisers List
- Networks Vie for U.S. Hispanic TV Viewers
- Ad Counts Rise in 2013 for Hispanic Magazines
- Entravision Initiates Quarterly Cash Dividend
- Jobs Report Brings Cheer As Unemployment Drops to Five-year Low
- Starbucks Gets Grinchy; No Gingerbread Lattes for Tampa Customers
- Warner Bros. Unleashes 'Hobbit: Desolation of Smaug' Merchandise