What does fake news have to do with cyber security?Probably to me, one of the most interesting things about these fake news stories is that they all have catchy “click bait” titles that you want to click on. “You’ll Never Guess What (insert candidate name here) Said About (insert topic here)” and such. And we all know what happens when employees click on catchy titles… you see an increased risk of phishing and malicious software introduction from employees registering for web sites because they want to read that fake news article they just clicked on. Although not directly impacting a company, these additional security exposures greatly increase the risk of employees being compromised. How? Employees let their guard down not realizing that clicking on links are equally as dangerous as links sent via email.
Reducing the RiskThere are two ways you can reduce the risk of bad behaviors like this:
- Take the standard preventative measures to remove administrative rights from the endpoint. Doing so limits the surface area exposed to an attack. If a user doesn’t have the rights and permissions to access sensitive areas of the network, data, etc., then that attack gets cut off.
- Increase awareness at the layer of proxy control for employees – basically modeling what “good” and “bad” behavior looks like.