Its Your People Who Contribute To Data Breaches

A survey conducted by ESET reveals that 42% of businesses are focusing on delivering compliance training as part of their cyber security protocol, while over 63% use passwords as a gate keeper of their systems. Yet human error is a major factor in many cyber breaches. 

There is often a lack of team coherence regarding cyber security, despite the fact that every team member in a modern business will have access to and be using vulnerable systems on a regular basis. 

Cyber security is something which too many businesses leave up to dedicated IT specialists, when in fact a lot of breaches could be avoided if a more integrative and business-wide approach to cyber security were adopted. The conversation about cyber security needs to be happening in the boardroom and teams across the organisation. For the human risk factor to be mitigated, both senior and middle management need to play a much larger role in both identifying vulnerabilities within their teams and securing cyber systems via an integrative human/machine approach. 

Cyber-criminals are not constrained by the same restrictions which govern legitimate software developers and white-hat hackers. This enables cybercriminals to implement changes at an unprecedented speed, enabled by ever evolving technology including Artificial Intelligence. 

For example, ransomware (software which takes control of systems and/or data and hold it to ransom) has recently been supplanted by more direct methods of skimming cash or stealing data to sell on. 

This change happened even before white-hat developers had got to grips with ransomware. Time after time we’ve seen that the next ‘Big Thing’ in cybercrime goes live before we’ve even started getting to grips with the last Big Thing. So, while the trends mentioned above may be dominating at the time of writing, the MO of any cyber-criminal worth their salt can and will change in a number of unpredictable ways, and will do so extremely quickly. However, what is notable about the most successful cyberattacks is that they rely on a degree of human error and/or ignorance. 

For example, cybercriminals are able to install phishing codes onto systems via Alexa because many people are unaware of the need to protect their smart devices as well as their desktop computers. 

In a business context, there is often a lack of awareness about the need for a truly integrative and self-aware approach to cyber security, one which encompasses everyone and not just the ‘boffins’ in the IT department. 

ESET:          WorkplaceInsight

You Might Also Read: 

Hackers Delight: Poor Password Security:

Protecting Your Company’s Data Against Insider Threats:

 

 

« Fact-Checking Comes To Instagram
Webinar: JumpStart Guide to Application Security in AWS »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Redscan Cyber Security

Redscan Cyber Security

Redscan Cyber Security is a Managed Security Services Provider (MSSP) that enables businesses to effectively manage their information security risks.

Cloud53

Cloud53

Cloud53 specialise in improving operational IT through strategic use of Cloud technologies and services.

Nethemba

Nethemba

Nethemba provide pentesting and security audits for networks and web applications. Other services include digital forensics, training and consultancy.

National Defence Radio Establishment (FRA) - Sweden

National Defence Radio Establishment (FRA) - Sweden

The National Defence Radio Establishment (Försvarets Radioanstalt), is the Swedish national authority for Signals Intelligence, also providing Information assurance services to government authorities.

IT2Trust

IT2Trust

IT2Trust is one of Scandinavia’s leading value-added distributors of business-critical IT solutions within IT security and networking.

Exida

Exida

Exida is a leading product certification and knowledge company specializing in industrial automation system safety, security, and availability.

Soracom

Soracom

Soracom offers secure, scalable, cloud-native connectivity developed specifically for the Internet of Things.

Averon

Averon

Averon's technology is the new gold standard for digital identity - the easiest, fastest and most secure verification solution for users on both WiFi and LTE.

Aspen Insurance

Aspen Insurance

Aspen is a leading diversified specialty insurance and reinsurance company. Products offered include cyber insurance.

QNu Labs

QNu Labs

QNu Labs’s quantum-safe cryptography products and solutions assure unconditional security of critical data on the internet and cloud across all industry verticals, globally.

ITTAS

ITTAS

ITTAS is a multidisciplinary company specializing in information security and software and hardware protection software.

Paradyn

Paradyn

Paradyn-managed security services can provide a holistic view of your business environment, no matter how simple or complex it is.

US Coast Guard Cyber Command

US Coast Guard Cyber Command

US Coast Guard Cyber Command’s focus is to ensure the security of our cyberspace, maintain superiority over our adversaries,and safeguard our Nation’s critical maritime infrastructure.

Great American Insurance Group

Great American Insurance Group

Great American's Cyber Risk Division offers cyber solutions for small and medium-sized businesses.

PhishFirewall

PhishFirewall

PhishFirewall is an advanced AI-driven CyberSecurity Awareness Education, Threat Emulation, and Human Security Analytics Platform.

Guardey

Guardey

Guardey protects thousands of SME's environments. Whether your team works at the office, at home, at the customer or remotely. We protect your business. We do this in an accessible and affordable way.