People Problems
Most breaches (some say 80 percent) come through the “people route,” employees, subcontractors, suppliers and anyone else who has authorized access. It’s the easiest way. The “people route” includes:
1. Negligence. Many penetrations occur through simple negligence—misplaced or stolen laptops and cellphones or due to leaving passwords in plain sight. A hacker may ask to borrow your phone for an “emergency call.” These are by far the easiest and quickest ways hackers penetrate security barriers and insert malware in company systems, creating hidden pathways for instant or later access. It takes only seconds.
2. Disgruntled Employees. A disgruntled employee might simply hand over his passwords or lend the hacker his phone for a few minutes. Some believe the Sony hackers had inside help because they said, “Sony doesn’t lock their doors physically, so we worked with other staff with similar interests to get in.”
3. The “Candy Drop.” The hacker provides free CDs or thumb drives to conference attendees. Ostensibly loaded with conference information, they are also infected with malware that the conference attendee unknowingly loads onto his laptop and subsequently onto the company’s computers. Free CDs and thumb drives may also be passed out by third parties in company classrooms, social functions and even company gyms.
4. Phishing. The hacker sends enticing emails with a “click on this offer” invitation. Once opened, the hacker uploads malware to the computers, unbeknownst to the employee.
5. Greed. A cash-strapped employee sells his access information to a hacker. Employee and supplier awareness sessions and training are mandatory for people to understand the risks, the methods and their obligation and responsibility to protect company assets. They must be told the impact of failing to do so. Constant effort must be made to identify and resolve disgruntled-employee situations. Other people with access (contractors, suppliers, etc.) must be contractually bound to company security.
Process Issues
Weak company processes are another major area of vulnerability that hackers frequently exploit. These include:
1. Weak network access controls. While it is recognized that strong network security controls frustrate ease-of-use, weak security controls are easily penetrated and provide ready access to hackers. Restricted access, robust firewalls, segmented and secure networks and applications, and diligent network traffic monitoring are the minimum measures companies should have in place to reduce risk.
Chief Executive Group exists to improve the performance of U.S. CEOs, senior executives and public-company directors, helping you grow your companies, build your communities and strengthen society. Learn more at chiefexecutivegroup.com.
0
1:00 - 5:00 pm
Over 70% of Executives Surveyed Agree: Many Strategic Planning Efforts Lack Systematic Approach Tips for Enhancing Your Strategic Planning Process
Executives expressed frustration with their current strategic planning process. Issues include:
Steve Rutan and Denise Harrison have put together an afternoon workshop that will provide the tools you need to address these concerns. They have worked with hundreds of executives to develop a systematic approach that will enable your team to make better decisions during strategic planning. Steve and Denise will walk you through exercises for prioritizing your lists and steps that will reset and reinvigorate your process. This will be a hands-on workshop that will enable you to think about your business as you use the tools that are being presented. If you are ready for a Strategic Planning tune-up, select this workshop in your registration form. The additional fee of $695 will be added to your total.
2:00 - 5:00 pm
Female leaders face the same issues all leaders do, but they often face additional challenges too. In this peer session, we will facilitate a discussion of best practices and how to overcome common barriers to help women leaders be more effective within and outside their organizations.
Limited space available.
10:30 - 5:00 pm
General’s Retreat at Hermitage Golf Course
Sponsored by UBS
General’s Retreat, built in 1986 with architect Gary Roger Baird, has been voted the “Best Golf Course in Nashville” and is a “must play” when visiting the Nashville, Tennessee area. With the beautiful setting along the Cumberland River, golfers of all capabilities will thoroughly enjoy the golf, scenery and hospitality.
The golf outing fee includes transportation to and from the hotel, greens/cart fees, use of practice facilities, and boxed lunch. The bus will leave the hotel at 10:30 am for a noon shotgun start and return to the hotel after the cocktail reception following the completion of the round.
