Employees are frequently cited as being the weakest link in security. Rather than argue this point, I'm just going to reference a few articles here and move on ( Fortune , Fraud-magazine , Forbes ). Now, in general, employees are considered the weakest link because they don't always make smart decisions. For example, in one company I was at, a phishing email was sent out to many of the employees. The email was from "Emily", the subject was "New Pics" and the body was simply "Check out my latest pics" with a link. I was amazed at how many people clicked on that link and consequently installed a virus. A similar attack came a few months later, but spread over chat instead. I felt that we needed to train our employees better. I should note here that there is a good argument for security software that is idiot proof, that prevents employees from hurting their networks or losing information. I entirely believe in using such software, but hacker
A place to learn more about security and technology.