It is not simply the duty of the workers to maintain your startup’s information secure

“As all of us know, people are sometimes the weakest a part of the safety chain.”

These are the phrases of Reddit CTO Christopher Slowe, who was fast to play the blame sport in a submit saying that Reddit skilled a breach of inner information final week. He defined that the platform was compromised after an attacker despatched “plausible-sounding prompts” to staff that redirected them to a web site impersonating Reddit’s intranet portal in an try to steal credentials. Reddit mentioned customers’ information was secure.

Hackers efficiently obtained an worker’s credentials, Slowe mentioned, earlier than calling out mentioned worker — who decisively self-reported the incident to Reddit’s safety workforce — because the “weakest hyperlink” within the firm’s safety defenses. (Satirically, Slowe went on to advise customers to “replace your password each couple of months,” a observe that’s not beneficial by most cybersecurity specialists.)

Reddit isn’t alone in pointing the finger following a breach, and lots of organizations have defaulted to a blame tradition with regards to information safety.