Assesement Tool Archives

Assesement Tool

15% OF USERS WILL DIVULGE LOGON CREDENTIALS TO STRANGERS – SOCIAL ENGINEERING ATTACKS

Social engineering is the art of manipulating people into performing actions or divulging confidential information and/or proprietary information, non-disclosed information or usernames and passwords. It is the classic approach of the confidence man, convincing someone he or she is something they are not. If you think your personnel would never be fooled, you’re fooling yourself. There is a reason this approach to criminal activity has a long successful history. Examples of Social Engineering Attacks and Social Engineering Psychology In the early days of computer security, social engineering might have involved a hacker calling one of your employees and talking him or her into giving up authentication credentials or login information to private systems. The current state of the art makes this

BAI Security September 27, 2012

Assesement Tool

7 OUT OF 10 BANK IT AUDITS INADEQUATE – BANKING CYBER SECURITY STANDARDS

Are your IT auditors using best-of-breed commercial grade products or do they use freeware and open source IT Assessment tools? Vulnerability Assessment Tools – IT Audits and Banking Cyber Security Standards Based on BAI Security’s review of previous IT auditor’s results, the majority of banks are being left exposed with potentially serious undiscovered vulnerabilities. The most common underlying factor in these environments is the actual testing tools and testing methodology. To fully understand the risks to your organization, you need to have your auditors use tools and processes capable of identifying all threats to your systems. Simply stated, traditional network-based vulnerability assessment tools send requests to systems/software running on the target machine and look at the responses to determine if particular vulnerabilities exist.

BAI Security September 19, 2012