#1: “Let’s cut back on customer service levels to save money”
#2: “Human beings can be replaced with machines to answer our phones”
#3: “We have to pay our employees less because payroll is the single biggest expense line we have”
#4: “We’ve been very successful, so let’s grow the company more quickly”
#5: “We’ll get better results if we hire a superstar manager to run this place”
#6: “Our company is so cool we will always have a large pool of talent available”
#7: “There’s no place for family in the workplace”
#8: “Let’s be honest: Women are always going to want to have babies, so it’s dangerous to promote them too far up the ladder”
#9: “We are an equal opportunity employer — it just looks like we’re not”
#10: “We promoted Charley because he got great results in his last job”
#11: “When things get rough, it’s smart to take our time to make prudent business decisions”
According to SANS, hackers have been exploiting vulnerabilities in Web applications to infect other connected computers or steal data from an unguarded computer. Those vulnerabilities often emerge from faulty coding by developers. To combat the threat, SANS recommends a number of firewall and scanning tools designed specifically for Web-based tools.
SANS also reports that, all too often, "gullible" employees fall for scams in unsolicited emails, following instructions that allow outsiders to break into corporate systems. These scams can be aimed at obtaining bank account numbers and passwords, or at stealing sensitive customer or corporate data.
SANS urges companies to test their employees by sending benign phishing emails and revoking staffers' access if they take the bait. Training and monitoring are also recommended.
Read the full report here.