Pub. 11 2016-2017 Issue 2

www.nebankers.org 18 Extraordinary Service for Extraordinary Members. Phish or Be Phished Keith Laughery, CISA, CISSP, CoNetrix TECH TALK I F I WERE TO ASK YOU TO LIST YOUR TOP SECURITY THREATS, howwould you respond? No doubt many wouldmention cybersecurity, seemingly the hottest topic at banking conventions and forums as well as with examiners. A Google search for “top cybersecurity threats” produces lists like these: • Machine-to-machine attacks, headless worms, jailbreak- ing the cloud, ghostware, and two-faced malware (http://cnb.cx/1mLqnto) • Extortion Hacks, Attacks That Change or Manipulate Data, Chip-and-PIN Innovations, IoT Zombie Botnet, More Backdoors (http://bit.ly/29QcMeg) • IoT: The Insecurity of Things, Sophisticated DDoS Attacks, Social Media Attacks, Mobile Malware, Third- Party Attacks (http://bit.ly/1ybzJmf) Some of the aforementioned items might be in your own list and, like me, you may not even be familiar with some of these threats. Howwould you answer if I rephrased the ques- tion: “What is your weakest link in security?” You Are the Weakest Link! Well, YOU may not be the weakest security link but your employees probably are. In a CIO.com article aptly named “People Remain the Weakest Link in Security,” Graham