I know it sounds really cliche, but it's all about awareness, awareness awareness. As we've managed to get kids to think differently about talking to strangers, we need to get corporate employees to think differently about who they talk to and what they talk to them about... and who they talk in front of. Situational awareness has to be a part of any training... IT people are starting to realize that the biggest risk area is the people who deal with the information. |
If you talk about private things routinely. If you deal with private data in public places routinely, sooner or later it's going to get seen by the wrong person. It can be horrendously dangerous. The risk might seem small but the type of circles that business people travel in means that the likelihood of the wrong person seeing that information or hearing that information is much greater than you'd think. Just because we're in an airport doesn't mean we're shrouded in a cloak of anonymity. |
ISPs can buy off [these vendors] in bulk and resell for pennies per month per mailbox. |
Targeted Trojan attacks have much the same effect as conventional Trojans, often opening back doors and covert channels for information theft. What makes targeted Trojans different, though, is that they are made specifically for use against a particular organization or user group. |
There is a movement today to develop more security building blocks, and this could help by creating a second layer of security beyond the application level. Embedding security in the chip architecture provides protection from the ground up. |
There's a shift in spending from add-on threat prevention to building in security from the ground up. |