by Paul Kerstein

Mitnick: Just Say No

Jul 22, 2005 | 1 min
CSO and CISO, Data and Information Security

Security consultant and infamous ex-hacker Kevin Mitnick says that properly trained staff, not technology, is the best protection against social engineering attacks on sensitive information. Techworld reports that Mitnick says CSOs need to look at people and processes, not just technology, for prevention. “Social engineering is a form of hacking that uses influence tactics,” he said. “You can’t go and download a Windows update for stupidity…or gullibility.” According to Mitnick, surveys have revealed that nine out of 10 people have given passwords out for something as simple as a chocolate Easter egg. He recommended establishing rules for employees to define what is sensitive information and how to deal with it, thus building a “human firewall” by raising awareness.