Reading the short article it feels like the old routine of 1. Cyber incident, 2. sparse information in all directions, 3. after fixed, all personnel returns to old habits with higher level of insecurity against a blurry, unspecific threat and back to square one. while the few sec op folks try to train employees to better secure the systems without really improving the crucial understanding of how such incidents really work. Or do I completely misinterpret such causalities?
> “Maintain a high level of vigilance and verify the legitimacy of CBO communications by confirming with the sender via telephone that they sent the message,” the note continues.
Depends how sophisticated and incentivized the attacker, of course.
Reading the short article it feels like the old routine of 1. Cyber incident, 2. sparse information in all directions, 3. after fixed, all personnel returns to old habits with higher level of insecurity against a blurry, unspecific threat and back to square one. while the few sec op folks try to train employees to better secure the systems without really improving the crucial understanding of how such incidents really work. Or do I completely misinterpret such causalities?
Sounds about right.
you missed "increase budget and capabilities of overseers"
> “Maintain a high level of vigilance and verify the legitimacy of CBO communications by confirming with the sender via telephone that they sent the message,” the note continues.
Depends how sophisticated and incentivized the attacker, of course.