CIOReview | September 2017

IN MY OPINION

Humans - Weakest Link in an InfoSec Journey, or Not!

By Shailendra Singh, Chief Information Security Officer, Capillary Technologies

Shailendra Singh is the Chief Information Security Officer at Capillary Technologies. He has an overall experience of 11 years, which includes experience in Information Security, Service Operations & Process Quality in Fortune 500 companies.

A list of the biggest and most devastating cyber-attacks in the recent past indicates a consistent pattern.

· WannaCry Ransomware (2017), which exploited a vulnerability in the SMBv1 protocol of Windows, was successful due to unpatched computers. Microsoft had released a patch two months before the ransomware hit the world, but many systems were infected, which means that someone had failed to install these patches.

· Bangladesh Bank (2016) was hit by a cyber-heist after the login details of an employee were discovered, then used to install malware on the bank's system. Total loss to the bank was estimated to be USD 81 million.

· PlayStation Network Attack (2011), which resulted in hackers getting access to 77 million user details, and which ultimately led to a fine of GBP 250,000 on Sony, was attributed to 'poor security measures' which did not comply with British law.

Why are Humans our Weakest Link?

Given that humans make so many mistakes, it is not surprising that we hold a belief that they are the weakest link. After all, what qualities does a 'typical human' possess? They are frequently unpredictable, often irrational in their decisions, easily form poor habits, are emotionally driven, sometimes unreliable, and in general behave differently from a computer