Posts

Will cyber security training shield us from Chinese espionage?

The Pentagon has now openly accused China of launching online attacks on the U.S. Will your cyber security training withstand the mounting threat? 

There is no more dancing around it now. Although there have been mentions and whispers of Chinese-based cyber attacks in the past, China has now been publicly named as responsible for performing cyber espionage on American cyber soil. This move away from the indirect, diplomatic approach of addressing cyber espionage and into a more direct dialogue signals a new direction in the cyber threat debate. 

The language coming from the government on this is chilling, and although we’ve known something about state-sponsored cyber espionage for some time, to see it written in the DOD’s Annual Report to Congress will make you think twice about the imminent threat and the depth of your cyber security training.

“China is using its computer network exploitation (CNE) capability to support intelligence collection against the U.S. diplomatic, economic, and defense industrial base sectors that support U.S. national defense programs,” the report says. Elsewhere, it also notes that China is “developing electronic and information warfare capabilities, including denial and deception, to defeat those of its adversaries.”

Unless U.S. sources are in error, the threat is now officially real. China is actively seeking your competitive intellectual property through digital avenues. And until the U.S. government takes direct action, only good cyber security training and implementation stands between you and the unauthorized access of your data.

John Sileo is a cyber security expert and in-demand speaker on digital security, identity theft and social media privacy. His clients include the Department of Defense, Pfizer, Visa, and Homeland Security. See his recent media appearances on 60 Minutes, Anderson Cooper and Fox Business.

Do you have the right cyber security training to take a joke?

What does cyber security training have to do with jokes, you ask? Well, you’re sitting at work when someone sends you an email that promises funny pictures, a joke or a viral video. You go ahead and click, forgetting everything you learned in your company’s cyber awareness sessions …but your company may be tricking you into training.

For many, the negative outcomes of ineffective cyber security remain invisible until they hit close to home. A large number of breaches to security occur not just because of the efforts of hackers, but also because of the naïve practices of employees. Anyone can compromise their workplace’s security unintentionally if they aren’t careful. Fortunately, one company named PhishMe is using this as an opportunity to call us out on our bad habits.

This business basically sends fake spam emails to your employees in order to teach them a better approach to privacy (and reveal how easy it is to give up your info). One such campaign, reported in the Wall Street Journal, involved a promise of cute cat photos. You might be thinking “Oh, come on. I wouldn’t fall for that!” But the potential is out there, and it only takes one careless second. And PhishMe has seen the behaviors of millions corrected because of its services. It’s just one of a few companies taking part in an effort to help corporations step up their game by using the methods of hackers against us as a sort of practice ground.

Anticipating the activities of hackers can be as difficult as accurately predicting the weather, but there are measures that companies can take to help bulk up their capabilities. Consider the advantages of proper cyber security training before you – or someone you work with – falls for one of these for real.    

John Sileo is a cyber security training expert and keynote speaker on reputation, privacy and cyber data protection. His clients included the Department of Defense, Pfizer, and Homeland Security. See his recent media appearances on 60 Minutes, Anderson Cooper and Fox Business.