{"id":248,"date":"2016-08-09T15:47:49","date_gmt":"2016-08-09T20:47:49","guid":{"rendered":"https:\/\/www.onlc.com\/blog\/?p=248"},"modified":"2016-08-09T15:47:49","modified_gmt":"2016-08-09T20:47:49","slug":"reduce-social-engineering-attacks-cybersecurity-certification","status":"publish","type":"post","link":"https:\/\/www.onlc.com\/blog\/reduce-social-engineering-attacks-cybersecurity-certification\/","title":{"rendered":"Reduce Social Engineering Attacks: Cybersecurity Certification"},"content":{"rendered":"

The list of high-profile companies attacked by cyber criminals is long and includes big names like Target, Sony, Citibank, Anthem, and Home Depot to name a few. Could these social engineering attacks have been prevented? <\/span><\/p>\n

As part of <\/span>Home Depot\u2019s recent settlement<\/span><\/a>, it agreed to pay at least $19.5 million to compensate U.S. consumers harmed by a 2014 data breach that affected more than 50 million cardholders, improve data security over a two-year period, and hire a chief information security officer to oversee its progress. The company said the intruder used a vendor\u2019s login information to infiltrate its computer network and install malware to steal sensitive information.<\/span><\/p>\n

Multi-million dollar losses are common these days. According to a <\/span>2015 study by the Ponemon Institute<\/span><\/a>, cyber crimes cost the average U.S. company participating in the study approximately $15.4 million per year, with 62 percent experiencing recurrent phishing and other social engineering attacks.<\/span><\/p>\n

Can Attacks be Prevented?<\/span><\/h2>\n

Having cyber security experts train employees can be extremely effective in keeping criminals out of a company\u2019s ecosystem. For example, social engineering is a form of cybercrime that targets humans, not computers. Imagine a con man tricking you into handing over the keys to your home or office. <\/span><\/p>\n

Social engineering uses the same type of manipulation – with hackers phishing for employees or vendors willing to relinquish their online passwords and login information. We\u2019ve all gotten emails that appear to be from friends or colleagues, telling us to \u201cCheck This Out!\u201d so we\u2019ll open a video file with malware. Or messages that appear to be from IT departments, banks, or credit card companies asking us to \u201cclick here\u201d to verify information. Once the malware enters a company\u2019s ecosystem, cybercriminals have access to any information that they could want.<\/span><\/p>\n

What\u2019s at Stake?<\/span><\/h2>\n

Cybercrime is big business, and organized crime syndicates and state-affiliated actors are often the perpetrators. New social engineering schemes are created every day to keep the money flowing. And money isn\u2019t the only thing victimized companies have to deal with:<\/span><\/p>\n