Bigwigs creating big risks of social-engineering attack
High-level executives are one of the biggest social engineering risks for organisations, according to a security expert.
Senior executives often demand for exceptions to be made to security rules and policies for their convenience at the expense of security, said Jayson Street, chief information officer and managing partner of Strategem 1 Solutions, who spoke on Thursday at the CommunicAsia 2010 tradeshow. This practice makes it easy for cybercriminals to successfully gain access to corporate networks by impersonating as management personnel.
Top executives are also ideal targets given their systems privilege and access rights, he pointed out. "[Hackers are] not going after the bank teller, [they are] going after the bank president, because the tellers have USB drive rights deactivated, they have controls on where they can go on websites."
For more on this story, see Top execs biggest social engineering risk on ZDNet Asia.