Skip to main content

Cybersecurity: People Are Weakest Link

Yesterday security company Sophos warned against websites hosting a viral video of ESPN's Erin Andrews. Today the company is reporting that people are the weakest link in cybersecurity. Why? Because of social networks such as Facebook, LinkedIn, Twitter, and MySpace. According to the Sophos Security Threat Report, criminals are "doubly" exploiting these websites, using them to identify potential victims and then attack them at work and at home.

The big concern is that employees share too much personal information on the social networks while on the job, thereby putting the entire network--including sensitive company data--at risk. "The honeymoon period of these sites is over, and personally identifiable information is at risk as a result of by constant attacks that the websites are simply not mature enough to protect against," said Graham Cluley, senior technology consultant at Sophos.

A pie chart provided by the document reveals that 33.4-percent of employees questioned have been spammed on a social networking site; 21-percent have been phished, and 21.2-percent were sent malware. Imagine a co-worker loading up Twitter and then following a link to a phishing website, thus inadvertently providing a company username and password.

Sophos suggests that corporations should run web security solutions that check every link and webpage as it is clicked on to protect employees from malware and other suspicious activity. Sophos also added that corporations should consider allowing access to social networks during lunch, and apply multi-layered security at both the gateway and at the endpoint.

For the full report, read the PDF right here.