Employees Are The Biggest Cyber Security Risk

Businesses are constantly at risk, whether it’s from website data breaches, cyber-attacks or malicious emails and employees are often the biggest cyber security risk

Companies can invest significant resource into cyber security but often overlook the risks their staff represent. Attacks have increased during lockdown as hackers seek out weaknesses created by the immediate shift to working from home for millions of people.

Symantec found that 71% of all targeted attacks started with phishing scams. These are emails sent by criminals that look to have been sent by a legitimate company and ask for sensitive information. Often, these contain a link within the email which takes you to a very believable, fake website with a form for you to input your details. This information is then sent to straight to the crooks who created the website, ready for them to sell or use your data. They may ask for passwords, credit card details or usernames, anything they can use to sell or use illegally.

Although many companies are spending money on cyber security technology they can be less willing to invest in training their staff. According to the exoerts at IT security firm Altinet, 90% of cyber threats come via email, highlighting the imporatnce of training  front line staff to be allert and spot phishing attacks, ofetn acting as the last line of defence.

This is particularly important right now as businesses face more threats from the disruption caused by Covid-19.

Your employees may not be aware of the risks of using any device, work or personal, on an unsecured network. This could be the free Wi-Fi in the local café or on the train to a business meeting. These types of connections may not encrypt your data, meaning it could be intercepted and fall into the wrong hands. Where data is sent in an unencrypted format, such as plain text, you are allowing crooks access to potentially sensitive and valuable information.

Accessing emails and social media is a risk on an unsecured network as you could unintentionally leak passwords or other sensitive information. While accessing a banking app could open up your bank accounts to criminals hacking the network.
Cyber-crime isn’t expected to lessen over the next few years. By 2025, the number of interconnected devices in use is projected to exceed 75 billion, opening up virtually endless opportunities for criminals to attack. 

While your employees may pose a security risk, with the right training you can reduce the risk of falling victim to cyber-crime. The important thing is to assess your business, uncover any weak points and communicate the best processes to all staff.

Business Desk:        Open Access Government:       RiskandInsurance:     IT Governamce

You Might Also Read: 

Every Single Employee Requires Cyber Security Training:

Staff awareness training is the single most important thing you can do to reduce the risk of employee error. And as business need cyber security training and we at Cyber Security Intelligence recommend GoCyber training for all employees and management please contact Cyber Security Intelligence for a free trial.

 

 

« Cloud Security Is Different
Webinar: How To Protect All AWS Services & Surfaces »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

UCD Centre for Cybersecurity and Cybercrime Investigation

UCD Centre for Cybersecurity and Cybercrime Investigation

UCD Centre for Cybersecurity and Cybercrime Investigation is Europe's leading centre for research & education in cybersecurity, cybercrime and digital forensics.

Nutanix

Nutanix

The Nutanix enterprise cloud platform provides performance, robust security, and seamless application mobility for a broad range of enterprise applications.

Cyber Security Specialists

Cyber Security Specialists

Cyber Security Specialists Limited provide Security services across a wide range of markets, from multi-national Corporate Organisations and Government Agencies, through to smaller Businesses.

Cybersecurity Tech Accord

Cybersecurity Tech Accord

The Cybersecurity Tech Accord promotes a safer online world by fostering collaboration among global technology companies.

infySEC

infySEC

InfySEC is an information security services organization offering Security Technology services, Security Consulting, Security Training, Research & Development.

Yelbridges

Yelbridges

Yelbridges is your reliable partner in all fields of IT-Security, from developing of Security Policies and Guidelines to the design and implementation of secure processes.

Method Cyber Security

Method Cyber Security

Method offers a Cyber Security Risk Management training course for those responsible for the security of industrial automation, control and safety systems.

Liberty Mutual

Liberty Mutual

Liberty Specialty Markets offers specialty and commercial insurance and reinsurance products, including Cyber, across the USA, Europe, Middle East and other international locations.

Crown Sterling

Crown Sterling

Crown Sterling delivers next generation software-based, AI-driven cryptography in the form of random number generators and encryption products.

SDG Corp

SDG Corp

SDG is a global cybersecurity, identity governance, risk consulting and advisory firm, addressing complex security, compliance and technology needs.

Breadcrumb Cybersecurity

Breadcrumb Cybersecurity

Breadcrumb Cybersecurity is a cybersecurity and advisory firm. We specialize in penetration testing, threat hunting, incident response, regulatory compliance, and employee training services.

Char49

Char49

Char49 specialize in Penetration Testing, Red Team Assessment, Social Engineering and Security Research.

Sansec

Sansec

Sansec is the global leader in eCommerce malware and vulnerability detection. We help you to stay ahead of hackers!

Quad9 Foundation

Quad9 Foundation

Quad9 is a free security solution that uses DNS to protect your system against the most common cyber threats. It improves your system's performance, plus, it preserves and protects your privacy.

Digital Element

Digital Element

Digital Element is a global IP geolocation and intelligence leader with unrivaled expertise in leveraging IP address insights to deliver new value to companies.

ANSSI Burkina Faso

ANSSI Burkina Faso

ANSSI is responsible for managing the security of information systems and cyberspace in Burkina Faso.