Business Cyber Security - The Danger Within!
Written by Shackleton Technologies, 19 June 2019
Cyber Security issues are the single biggest threat to businesses all over the globe and if your business becomes infected by malware or ransomware, the real value of your backup and disaster recovery planning proves its worth.
In addition to stringent backup and disaster recovery planning, more switched on businesses will have an entire suite of security measures in place, from antivirus, antispam, and web filtering.
Some even employ products to monitor the infamous dark web for information, URLs or even email addresses related to their business. It gives them warning that their details have been compromised and are potentially up for sale.
The alarming thing about this is that all the measures in world won’t protect your business, if you forget about your most vital assets - your people!
The vast majority of security breaches affecting businesses happen through gaining access to the company network via human error or ignorance. Yet few companies invest sufficiently, or at all, in training their employees in cyber security awareness.
Employees have a critical role to play in your business’ security, so it's essential to enable them to do their job and at the same time, encourage them to help keep your business protected.
What is the risk?
In a recent survey of 300 IT managed service providers across Europe, 84% of them reported they had seen SMB clients struck by ransomware in the previous two years. Also, 42% reported that clients had suffered multiple attacks on the same day!
In truth, the bad guys are working day and night to find new ways of stealing business data and they’re getting better at it all the time, using more advanced and sophisticated techniques to do it.
Your employees have a critical role to play in helping to keep your organisation protected but this can be counter-productive if they are having to spend too much effort on security processes and not enough time doing their jobs. Experience teaches us that if processes are too onerous, then corners are cut, or worse, processes ignored altogether.
It’s imperative to support employees effectively with the right tools and training to help protect your business against risks, including:
- Removable media or personal devices: Without clearly defined and usable policies, staff may connect devices to the corporate infrastructure, inadvertently introducing malware that can compromise sensitive business information
- Policies & procedures: If security procedures are not designed to support your team in performing their daily duties, they can be an inhibitor, which causes frustration and leads to them being ignored.
- Attacks from outside the business: Most of your employees will have accesses and rights on your business network and this can make them a prime target for external attackers, or hackers. Phishing attacks or social engineering attempts are commonplace and rely on taking advantage of unsuspecting users.
- Disgruntled employees: Dissatisfied employees may attempt to gain access to information or systems to which they are not authorised. They may even try to steal or otherwise delete files and data, possibly when they are about to leave the company.
- Websites: Certain websites can be laden with links or clickbait, specifically intended to lure unwary users into clicking on them, therefore releasing the infection onto their computer and ultimately, onto your network. This can have a devastating effect on your business.
Protect Against Human Error
Shackleton Technologies utilise market-leading software tools which complement your existing security measures by using simulated phishing attacks. This allows us gauge how cyber aware your employees are.
The resulting report helps us pinpoint how and where to target security awareness training to help educate your team, making them more cyber aware.
Following training, we re-run the simulated attacks and report back to you on the results.
Your cyber security strategy is only as strong as your weakest link. Since almost 95% of all cyber security breaches can be attributed to human error, user awareness training is vital, if your business is to be better protected.
If you would like to discuss your concerns about cyber security, contact Shackleton Technologies today to arrange a full review of your current preparedness.
The Cautionary Tale of Baltimore and the Ransomware
When the city of Baltimore suffered a major malware breach, almost every government system was taken offline...