Computerworld - People like to ask the security manager, "What keeps you up at night?" My usual answer: "Employees." And there's good reason. About 95% of the security incidents my department responds to are a result of an employee doing the wrong thing, whether it's clicking on an evil link within an email, installing a malicious program or sending a sensitive document outside the company.
At issue: An employee's files are all encrypted after she clicks on a ransomware link.
Action plan: Get the files back, make sure no one else fell victim, and find out how that ever got through the email filters.
Sometimes when they do the wrong thing, you can't really blame them. And sometimes you get evidence that employees are really paying attention when you tell them not to do things that are likely to lead to trouble. We just had a ransomware situation (which didn't turn out too badly in the end), and I have to admit that how it arose was quite understandable, a case of one person trying to streamline aspects of his job that don't really require his attention and another person trusting that first person. Here's what happened.