The article begins by explaining how all organizations operating different networks have the daunting task of protecting the data on their network. The technological advancement affords companies to operate at a global level. There is a lot of data sharing and information communication through the internet. The infrastructure supporting the network is at risk of being attacked as well as the data it carries. The writer explains that attacks on data are direct, and the target is highest for critical and sensitive data. Almost all organizations handle some data including trade secrets, credit card data, medical records, personally identifiable information.
There is no organization that operates a system that is hundred percent secure. In addition, all organizations have some level of vulnerability and even those to be secure do experience different forms of attacks. In the recent past data, security has evolved to adopt active defense in combination with training. According to the writer, the mechanism for delivering large-scale attacks is relatively small; it is also deceptive and subtle. The attackers focus on the users and from them they get access to the data in the system. The attack on users can be precise or widespread depending on the agenda of the attacker.
The creativity of the attackers is growing rapidly, and the opposing parties must keep developing new technologies. One such innovation has been designed to deal with phishing attacks that include more than seventy percent of spam. The Phishme technology helps identify and block attacks that may increase the susceptibility of information in the system. The technology works by increasing the employee awareness and training them on phishing attacks.
The article explains how employees receive strategies on how to identify and report potential attacks. The technology is used to generate benign phishing emails similar to what attackers would send. The emails are then sent to employees to test their ability to identify and report them. The technology is used to analyze and group employees depending on their risk levels. The technology allows an organization to monitor spear-phishing and phishing attacks as well as analyze the emails. The innovation is useful in collecting data that is used in gauging existing attacks that provide guidance on the training the employees require. The technology is also helpful for obtaining malware content, headers and IP addresses for sorting.
The article explains the innovation made towards ensuring data security in networks. The information provided emphasizes the need for organizations to focus on equipping their employees rather than just focusing on the data itself. Almost all organizations use the internet for communication; the article provides valuable information on phishing attacks and how they can be avenues for breaches in the systems. The innovation allows companies to use their employees who are the target in reducing and possibly eliminating the organizations vulnerability to phishing attacks.
The article is well written and can be clearly understood by everybody including non-IT audience. However, the article should have provided further information on how efficient the innovation is in fighting phishing attacks. The report should have included details of how the software works its compatibility and the cost implications for interested companies. The focus of the article is on data security that is a field that will continue to be of interest even in the future as organizations endeavor to secure their networks.
Works Cited.
James Verderico. “2014 Industry Innovators: Data Protection.” SC Magazine Dec. 2014. Web. 9 Dec. 2014. http://www.scmagazine.com/2014-industry-innovators-data-protection/article/384516/
