Cybersecurity National Action Plan

...

be educated in cybersecurity.  Having all employees trained, is a large step a company can do to avoid security breaches. 

The article then goes on to list more tips that can help a company  lessen the chances of falling prey to data breaches, by setting up policies within a company.  Some of these tips to mitigate insider threats include: Regularly talking to your workers, having trainings, and constantly reminding them of the potential harm a cyber breach can do to the company. "Employees need to know their obligations, especially when it comes to mobile data. It’s not enough to require an annual review and signing of an "I have read and understand company IT policies" statement." It is not enough to just warn the common entry level employees.  Many times management and IT staff are major targets to cyber criminals; For the simple reason that they posses more company information.  Therefore, leaders in a company have to be aware, and if anything have to be even more caution.  You have to explain to your employees that it only takes one employee to make a mistake.  A company can do everything in their power to keep it secure, but ultimately its up to the employees to follow through in what they are taught.

In addition, a company can occasionally test employees on their knowledge in cyber security.  Furthermore, Warn employees to pay special attention to social engineering tactics they will find in their social media accounts, emails and blogs. It’s also important to point out that many cyber incidents begin with a simple phone call from someone posing as someone that can be of service to you in anyway and then begin with asking seemingly innocuous questions. Meanwhile, they are actually gathering information about the company and its operations.  I personally, recently fell victim to a cyber scam.  I was on my IPhone on the Safari application and it suddenly stopped letting me continue browsing . A message came up with a supposedly Apple Customer  Service number that was available 24 hours.  Not knowing I called the number,  they offered me a program I can install with a small payment that would insure my phone would stay secure.  I voluntarily gave over my credit card and my iTunes account  information.  Shortly after I realized what had happened.  Without wasting anymore time I quickly changed my ITunes account information and called chase to freeze and rest my bank account.  There was no way I could have known before this incident, I wasn’t aware. However, now I extremely cautious, I’ve learned a very valuable lesson.     

c. The article “J.P. Morgan Says about 76 Million Households Affected by Cyber Breach” by Emily Glazer  and Danny Yadron, cover the cyber-attack on the Chase bank in 2014.  JPMorgan Chase bank reported a cyber-attack, and stated “about 76 million households were affected by a cybersecurity attack on the bank this summer in one of the most sweeping disclosed breaches of a financial institution” (Glazer and Yadron). The bank said that the attacker stole customers contact information including, name, email addresses, home addresses and phone numbers of clients. The hackers were not able to gather login information which would include, detailed account and personal information, such a social security number. The bank assured customers that their money is safe. After investigating, the bank realized that the hacker received information through an employee’s personal computer. After the attack chase reset passwords, and disabled account that may have been at risk. They also reminded employees to log off, change passwords often, and choose harder passwords to ensure the banks safety.  This past week, I received a call from Chase notifying me that there had been a few pending transactions on my credit card that seemed unlike my previous transactions. I was unaware of these transactions and confirmed that in fact it was not me.  I was sent a new credit card and changed my passwords.  From this I clearly see how Chase keeps track of their customers and in fact does everything in their power to ensure clients have safe and a pleasant banking experience.

References:

https://www.whitehouse.gov/the-press-office/2016/02/09/fact-sheet-cybersecurity-national-action-plan

http://www.itbusinessedge.com/slideshows/top-10-tips-for-educating-employees-about-cybersecurity.html

http://www.wsj.com/articles/j-p-morgan-says-about-76-million-households-affected-by-cyber-breach-1412283372

...