Have you seen the T-Shirts that read, “When the zombie apocalypse arrives, I don’t have to be the fastest runner. I just have to be faster than you?”
The Law of Low Hanging Fruit is very similar, and it’s the second of three fundamental concepts in the Protect Your PII series.
Here’s another one for you – in case you like to rhyme:
Information that hangs low on the vine is often the first target time after time.
At this point you probably understand that just as water will always take the path of least resistance, so will most (cyber) criminals.
· A stack of useful documents sitting in a trash can or recycle bin is far more attractive than a bag of cross-cut shredded paper.
· Accounts with easy passwords will get compromised faster than accounts with complex passwords.
· A car with a laptop bag sitting on the front seat is a bigger target than one that is not.
Sounds pretty straightforward, right?
The answer is, it is! Applying even the simplest security controls can limit the attack surface you inadvertently provide an adversary. Remember Protect Your PII – Small Changes? Each small change you make raises those tree branches, keeping your fruit a little bit higher than everybody else’s fruit.
Regardless of whether you are a random or specific target in cybercrime, this rule will always apply, so don’t give anybody an easy path to your PII.
Practice applying small security improvements over time and your fruit will rise higher and higher.
Stay tuned for Protect your PII – Know Yourself.
*For the purpose of this article this rule always applies. Exceptions to this rule are targeted attacks/objectives. If an attacker’s objective is to compromise Information X, the state of security surrounding that asset will analyzed and techniques to bypass security controls will be utilized.
Protect Your PII Series: