A CNN article recently caught my attention regarding a new study by antivirus software company McAfee that identified the most dangerous Internet search terms that can lead users (your employees, vendors, contractors, business partners, etc.) to web pages with a higher likelihood of cyber attacks.
The study examined more than 2500 popular keywords on five major search engines – Google, Yahoo, Live, AOL and Ask – and analyzed 413,000 web pages. The categories that had highest risk of leading to malware infested web sites included: screen savers, free games, work from home, Olympics, videos, celebrities, music and news. The riskiest terms included: word unscramble, lyrics, myspace, free music downloads, phelps, game cheats, free ringtones and solitaire.
David DeWalt, president and CEO of McAfee, made these comments regarding cyber attacks and malware (“badware”)… “It went from hacker in a basement, to organized cybercrime to now, literally, terrorism and other forms of organized geopolitical attacks”.
The study also showed that cyber criminals are increasing in sophistication and constantly changing. So the most dangerous Management terms are: “Once-A-Year Training”.
Lessons Learned? Organizational leaders/management need better tools to implement and manage:
- Ongoing Situational Awareness of Internet Threats
- Ongoing Understanding of Organizational Risk Management
- Ongoing Updates of Acceptable Usage and Unacceptable Usage
- Accountability at the Individual Level – It only takes one individual’s lack of awareness
- Auditability at the Individual Level – To meet Compliance, Legal, Regulatory obligations
How is your organization keeping up with the sophistication and constant changing threats from bad guys?