15 February 2016
I really appreciate the comprehensive approach of the Cybersecurity National Action Plan (CNAP) because the news of the cyber-attack on the Department of Homeland security made one thing crystal clear:
It’s definitely not enough to focus on the upgrade of the U.S. IT security infrastructure. Security protocols must be reviewed and adjusted where necessary. And employees must be trained in their correct application.
Moreover, it is required to enable employees to say “No, I’m sorry, this is not allowed!” if an unambiguous identification of a caller is not possible.