SANS Rocky Mountain Fall is Live Online! Join us Nov 2-7 MT for 17 interactive courses + NetWars. Save $300 thru 10/7.

Press

Subscribe to SANS Newsletters

Join the SANS Community to receive the latest curated cyber security news, vulnerabilities and mitigations, training opportunities, and our webcast schedule.





SANS Announces Start of Help Desk Security Survey

Respondents eligible to enter drawing for an iPad 4!

  • Bethesda, MD
  • January 17, 2013

SANS Institute is asking managers and analysts in help desk and similar end-user support services to take a 10-minute survey to reveal their approaches to the security risks faced by their teams.

"For decades, attackers have used social engineering techniques to use help desk staff as unwitting allies in their efforts to subvert networked systems. We want to quantify how IT organizations are addressing this challenge," says Deb Radcliff, executive editor of the SANS Analyst Program. "We're also hoping to learn from the experiences of help desk and support managers, and pinpoint the areas that need the most attention."

Help desk and other support operations can be weak spots in the armor of an IT operation, given the tools at their disposal.

"In many organizations, the help desk effectively holds the 'keys to the kingdom.' These can include the powers of password generation and reset, sensitive apps and data exposed in troubleshooting," explains Barbara Filkins, SANS analyst and author of the survey. "The people working on the help desk are highly trusted, but are subject to social engineering attacks from both casual and deliberate intruders."

The survey, sponsored by RSA, The Security Division of EMC, aims to identify the methods that help desk and support staff verify their bona fides to end users, and how to validate that end users are who they claim to be.

"The help desk is still a major point of vulnerability in most organizations. Even the best technology in the world cannot stop an agent from being socially engineered," said Sam Curry, CTO, Identity and Data Protection Group at RSA. "We hope that this research will bring attention to these concerns, shed light on the risks, and demonstrate the need for improved security in identity proofing for employees calling the help desk."

The survey will be open until March 10, 2013. Results will be released during a webcast held on June 26, at 1 PM EDT. (Registration for the webcast is open now: https://www.sans.org/webcasts/securing-desks-survey-96157. Those who register for the webcast will be among the first to receive an advance copy of the survey results, in a white paper developed by Filkins.

Not only will respondents help shape industry practices, they can also register to be entered into our iPad 4 drawing! Follow this survey link to begin: https://www.surveymonkey.com/s/2013_SANS_HelpDesk_Survey

SANS Media Contact

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. Today, SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals in government and commercial institutions worldwide. Renowned SANS instructors teach more than 60 courses at In-Person and Live Online cyber security training events, and more than 50 courses are available anytime, anywhere with our OnDemand platform. GIAC, an affiliate of the SANS Institute, validates practitioner skills through more than 35 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers a master’s degree, graduate certificates, and an undergraduate certificate in cyber security. SANS Security Awareness, a division of SANS, provides organizations with a complete and comprehensive security awareness solution, enabling them to easily and effectively manage their ‘human’ cybersecurity risk. SANS also delivers a wide variety of free resources to the InfoSec community including consensus projects, research reports, webcasts, podcasts, and newsletters; it also operates the Internet's early warning system – the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to support and educate the global information security community. (https://www.sans.org)

Press

Subscribe to SANS Newsletters

Join the SANS Community to receive the latest curated cyber security news, vulnerabilities and mitigations, training opportunities, and our webcast schedule.





Partners
CISecurity

Internet Storm Center
RSS
Latest Whitepapers

Security Network Auditing: Can Zero-Trust Be Achieved?
By Carl Garrett

Zeek Log Reconnaissance with Network Graphs Using Maltego Casefile
By Ricky Tan

Replacing WINS in an Open Environment with Policy Managed DNS Servers
By Mark Lucas

Last 25 Papers »

Latest Tweets @SANSInstitute

From this year's #SANSCloudSummit, catch up on this talk by [...]
September 24, 2020 - 3:25 PM

You don't want to miss next week's #InclusionInCyber Forum w [...]
September 23, 2020 - 11:30 PM

Miss last week's STAR webcast? You can listen to it anytime, [...]
September 23, 2020 - 10:05 PM

Contact Us

Mon-Fri: 9am-8pm ET (phone/email)
Sat-Sun: 9am-5pm ET (email only)
301-654-SANS(7267)
info@sans.org

"As a security professional, this info is foundational to do a competent job, let alone be successful."
- Michael Foster, Providence Health and Security

"It was a great learning experience that helped open my eyes wider. The instructor's knowledge was fantastic."
- Manuja Wikesekera, Melbourne Cricket Club

"The perfect balance of theory and hands-on experience."
- James D. Perry II, University of Tennessee