this post was submitted on 15 Jul 2024
533 points (96.2% liked)

Cybersecurity - Memes

1964 readers
1 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago
MODERATORS
 

If a single click on a phishing email can ruin the entire company, the blame doesn't lie with that individual.

you are viewing a single comment's thread
view the rest of the comments
[–] Ptsf@lemmy.world 20 points 4 months ago (1 children)

As a system admin I can sympathize, but honestly I don't see any resolution that will fix this in the short or longterm. You just have to accept that the reality of computing is that if you interact with external data in a way that runs unfriendly code, you can/probably will compromise your system. It's just a consequence of making rocks smart.

[–] TheEighthDoctor@lemmy.world 4 points 4 months ago* (last edited 4 months ago) (1 children)

Yes but not every user needs access to every system all the time and there should be alerts set up for logins outside of working hours, expected devices and IPs. There should be behavior based alerts, for example, why is the HR lady opening PS?

There are many things that can be done to secure the systems post-compromise.

[–] Ptsf@lemmy.world 1 points 4 months ago

Oh, of course. But that's for compromises utilizing tool chains and exploits you're aware of. Zero day exploits are commonplace nowadays and often utilize complex tool chains to avoid detection or circumvent security posture. It's all a matter of how sophisticated the attack is and it all becomes a lot easier to do if you've got user level run permissions due to some user clicking a phishing email and tossing their creds in it or launching a random pdf with an embedded payload.