However, cyber criminals are becoming more sophisticated in their attacks and are targeting companies using a number of different methods and strategies. Information regularly ends up online through negligence, deficient document publishing procedures, or as a result of earlier security breaches, and is useful to hackers as it helps profile the target firm’s IT and employees.
Information which may inadvertently be made available through an organisation’s website, but can be leveraged by cyber criminals, includes employee contact names and email address, IT system and software versions and security policies indicating the types of security mechanisms in place to protect IT systems and data.
Non executive directors can play a role in addressing this risk. Firstly, a review of what information your organisation may be leaking can be performed. Partner businesses and third-party suppliers must form part of this review. As enterprise security programs get more robust, it’s easier for attackers to access a trusted neighbour’s network, which may have more security deficiencies.
Download our PDF for more.