Monday, November 26, 2007

Chapter 16-The End

The final chapter is now history, and I feel that it was a good way to end the book. The part that I found the most interesting from this final chapter was the fact that most companies never report any social engineering attacks, yet they happen all the time. What Mitnick said was true: if word of these attacks spread, it could ruin the company. The public reaction to these attacks could end up being more harmful than the attack itself. After all, who would want to do business with a company that cannot guarantee that your information is secure? For example, if a scam became public at a company like America Online and even just one customer’s personal information was compromised, I know I would think about switching providers. In today’s highly competitive corporate world, businesses cannot afford to take chances on possibly losing the trust of their customers. Mitnick closes out the book by illustrating different procedures and policies that may be effective in preventing most scams.

I agree with some of the other bloggers in my group that this book could have been a little shorter. Some of the social engineering scams became repetitive, but now that I think about it, perhaps that was the point. While reading Mitnick’s tips towards the end of each chapter, I found myself actually predicting what he was going to say. By hammering his message into the reader’s head for 16 chapters, it would be hard to forget what he taught us in this book. Overall, I think that this book is a must-read for whoever is in charge of security procedures at any company, no matter how small. While these scams cannot be stopped completely, they can be greatly reduced by listening to Mitnick’s message.

1 comment:

s-shady said...

Of course, if 9 out of 10 companies have been victims of attack, where would anyone switch their business to? It would be really hard for us to know who has the best security measures. Switching to a new company might not make your info safer either, because your old company may not delete your information. So they will still have it hanging around, at least in their likely unencrypted back-up files, and the wily social engineer can still get to it. And sometimes you don't have a choice; for example, your mortgage gets sold off and now some company that you didn't choose to do business with has your info. (And they compromise your info and then resell your mortgage, which is what happened to me.) I'm telling you, there's just no such thing as true security. *Sigh*