Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Are your security professionals qualified?

Many don't know what they don't know

Several lessons have been derived from the recent iCloud security incident, but the most important for me is how it demonstrates the ignorance of many security professionals, an ignorance that calls their management into question.

When the iCloud hack started hitting the news, it generated a lot of discussions among security personnel. Many of them grasped the underlying concepts reasonably well. Unfortunately, though, some of the conversations demonstrated a clear lack of understanding of fundamental security concepts.

As is widely known by now, a hacker was able to compromise the Amazon.com and iCloud accounts of a Wired reporter. The accounts were compromised as a result of operational security flaws in the password reset processes of the respective organizations. The attack itself was rather involved, but at bottom it was a fairly straightforward social engineering type of attack.

To continue reading, register here to become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Related Articles

  1. CMO interview: Becoming a change agent

    CMO

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

Comments are now closed.
Related Whitepapers
Latest Stories
Community Comments
Latest Blog Posts
Whitepapers
  • Top 10 tips for Migration
    As users bring multiple devices to the workplace, IT departments need to have a single view of all their mobile devices. Find out how to build a secure and reliable management platform for next generation mobile computing across multiple platforms. Click for more!
    Learn more »
  • Benefits of Deploying Microsoft Exchange Server 2010 on Dell Compellent with Data Progression
    Messaging and collaboration platforms have emerged as mission critical applications, consuming a large portion of IT spending for organisations. The rich features in these applications have significantly changed the messaging requirements and needs of today’s information from anywhere with any device, the result is an ever increasing demand on storage systems both in terms of capacity and bandwidth. Many organisations are rethinking their storage strategies to meet the demanding criteria and to handle the future requirements. Read more.
    Learn more »
  • How Web Security Improves Productivity and Compliance
    In this white paper, we will look at how secure web gateways, one type of information security technology, can provide benefits to many departments within any business or government agency. Download now.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments