The Invisible Achilles’ Heel of Network Security

Rie Vainstein • January 10, 2019

The Invisible Achilles’ Heel of Network Security

Not too long ago, we tweeted an article about the biggest hacks of 2018 and  yet another has just been revealed. This is becoming commonplace. The trend seems to be indicating that too many people have become complacent in their security protection. Hacking of any company’s data is BIG business – more so than most people realize.

According to CSO Online  about 58 records are stolen EVERY SECOND! Even though smaller breaches go unreported, larger ones are usually reported and, at an estimated average cost of $141 per record, the bill for a breach can be staggering.

Sticking your corporate head in the sand and saying “It won’t happen to me” is a big mistake. It is far better to put resources in place to ensure you have done everything you can, to defend yourself. Unfortunately, firewalls, anti-virus, anti-malware, strong passwords, biometric devices, and physical security measures are not always good enough. As a business manager (or owner) you also need to train your IT staff in what to look for that may indicate a threat, what to do during an attack, and how to mitigate potential future intrusions… BUT there is another layer of weakness that is often overlooked…

You may remember the story, from Greek mythology, of Achilles. He was the baby who, it was foretold, would die young. His mother took him to the river Styx, and dipped him in, holding him by the heel, in the hope that the magical water would give him the power of invincibility. Into adulthood, he survived many battles however, one day, a poisonous arrow was shot at him and hit him in the (un-dipped) heel. He died soon afterwards.

Forbes  revealed that, even after you have spent money on putting a strong security protocol in place to protect your company, and trained your IT team, your other (non-IT) employees can cause your company’s security downfall. Any employees who fail to follow simple security-oriented steps (either accidentally or deliberately) can cause gaping holes in otherwise competent network security.

It doesn’t matter how big or small your company is, employees can still be the cause of major weaknesses in your network security. Even if you think that training them is going to be more than the current budget can handle, that price, whatever it may be, is still going to calculate out as being significantly less than the cost of mitigating the devastating result of a full-scale breach.

Some of the old phrases or “sayings”, that we all heard our Grannies tell us, containing their sage wisdom, have never been more appropriate: “a stitch in time, saves nine” advises us that it is better to make your employees aware of the basics BEFORE they let you down, and potentially cost you a fortune, than leaving it until it is too late, and then being forced to “close the barn door after the horse has bolted”!

Training ALL your employees < not just your IT team > in network security is essential, because your company may already possess its invisible “Achilles’ heel”.

NC-Expert has been aware of this problem for a long time and offers training classes in network security – both for IT professionals AND for non-technical employees.

Contact us TODAY to discuss how we can help your employees prevent disaster!

===
Non-Technical Security Training:

  • CertNexus’ CyberSAFE
  • also NC-Expert exclusive training (contact us for details)

===
Professional Network Security:

===
If you would like to learn more about how NC-Expert can help,  contact us TODAY  !

NC-Expert Blog

The Importance of Using a VPN

By Rie Vainstein March 31, 2025
A Digital Shield for Your Online Adventures As tech professionals, we often spend a good chunk of our lives navigating the digital realm. Whether you’re troubleshooting a network, coding a new app, or just binge-watching the latest series, one thing is clear: your connection to the internet is a double-edged sword. It’s both incredibly convenient and, if not properly secured, a potential vulnerability. Enter the VPN (Virtual Private Network) our trusty, digital bodyguard. If you’re not already using one, or if you’re not entirely sure why you should, let’s walk through some of the reasons why a VPN is essential for anyone working in IT and, frankly, for anyone who uses the internet. What Is a VPN? In simple terms, a VPN creates a secure, encrypted tunnel between your device and the internet. It allows your data to travel securely, masking your IP address, and ensuring that no one (be it hackers or nosy advertisers) can track or intercept your online activity. Think of it as your personal “cloak of invisibility” in the digital world! 

Troubleshooting Wireless Networks with Ekahau

By Phil Morgan March 13, 2025
Troubleshooting Wireless Networks with Ekahau: A Professional Engineer’s Guide Wireless networks have become the backbone of modern business infrastructure. From office environments to large-scale enterprises, ensuring a seamless wireless experience is essential for productivity. However, despite advancements in Wi-Fi technology, network performance issues often arise, ranging from signal interference and dead zones to capacity overloads and channel mismanagement. To tackle these issues efficiently, professional engineers rely on powerful tools. One such tool, Ekahau AI Pro, has become a gold standard in the wireless industry for troubleshooting and optimizing Wi-Fi networks. This blog delves into troubleshooting wireless networks using Ekahau tools, providing practical examples and technical insights to guide professional engineers in improving network performance.

Post-Quantum Cryptography: The Future of Digital Security?

By Rie Vainstein March 3, 2025
Futureproofing Our Security In our increasingly connected world, the security of digital information has never been more critical. From banking transactions to private communications, our data is constantly transmitted and stored across the internet. The current systems that protect this data rely on cryptography, a branch of mathematics that helps keep information secure by encoding it in ways that are difficult to decode without the proper key. However, with the rise of quantum computers, traditional cryptography is facing new and significant threats. This is where Post-Quantum Cryptography comes into play. What is Post-Quantum Cryptography? Post-Quantum Cryptography (PQC) [1] refers to cryptographic algorithms that are specifically designed to be secure against the power of quantum computers. Quantum computers, once they become practical, will be capable of solving complex mathematical problems much faster than classical computers. This will render many of the encryption methods we rely on today [such as RSA (Rivest, Shamir, and Adleman – initials of the inventors) and ECC (Elliptic Curve Cryptography)] vulnerable to attack. Quantum computers operate on quantum bits, or “qubits”, which can exist in multiple states simultaneously, unlike classical bits that are either a zer (0) or one (1). This allows quantum computers to perform certain calculations exponentially faster than classical computers. For example, in a matter of seconds, a quantum computer could potentially break an RSA key, which is considered secure by today’s standards. As quantum computing technology advances, the need for PQC becomes even more urgent.