Employees Are The Biggest Cyber Security Risk

Businesses are constantly at risk, whether it’s from website data breaches, cyber-attacks or malicious emails and employees are often the biggest cyber security risk

Companies can invest significant resource into cyber security but often overlook the risks their staff represent. Attacks have increased during lockdown as hackers seek out weaknesses created by the immediate shift to working from home for millions of people.

Symantec found that 71% of all targeted attacks started with phishing scams. These are emails sent by criminals that look to have been sent by a legitimate company and ask for sensitive information. Often, these contain a link within the email which takes you to a very believable, fake website with a form for you to input your details. This information is then sent to straight to the crooks who created the website, ready for them to sell or use your data. They may ask for passwords, credit card details or usernames, anything they can use to sell or use illegally.

Although many companies are spending money on cyber security technology they can be less willing to invest in training their staff. According to the exoerts at IT security firm Altinet, 90% of cyber threats come via email, highlighting the imporatnce of training  front line staff to be allert and spot phishing attacks, ofetn acting as the last line of defence.

This is particularly important right now as businesses face more threats from the disruption caused by Covid-19.

Your employees may not be aware of the risks of using any device, work or personal, on an unsecured network. This could be the free Wi-Fi in the local café or on the train to a business meeting. These types of connections may not encrypt your data, meaning it could be intercepted and fall into the wrong hands. Where data is sent in an unencrypted format, such as plain text, you are allowing crooks access to potentially sensitive and valuable information.

Accessing emails and social media is a risk on an unsecured network as you could unintentionally leak passwords or other sensitive information. While accessing a banking app could open up your bank accounts to criminals hacking the network.
Cyber-crime isn’t expected to lessen over the next few years. By 2025, the number of interconnected devices in use is projected to exceed 75 billion, opening up virtually endless opportunities for criminals to attack. 

While your employees may pose a security risk, with the right training you can reduce the risk of falling victim to cyber-crime. The important thing is to assess your business, uncover any weak points and communicate the best processes to all staff.

Business Desk:        Open Access Government:       RiskandInsurance:     IT Governamce

You Might Also Read: 

Every Single Employee Requires Cyber Security Training:

Staff awareness training is the single most important thing you can do to reduce the risk of employee error. And as business need cyber security training and we at Cyber Security Intelligence recommend GoCyber training for all employees and management please contact Cyber Security Intelligence for a free trial.

 

 

« Cloud Security Is Different
Webinar: How To Protect All AWS Services & Surfaces »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Huawei

Huawei

Huawei is a leading global ICT solutions provider. with end-to-end capabilities across the carrier networks, enterprise, consumer, and cloud computing fields.

Phoenix Contact Cyber Security

Phoenix Contact Cyber Security

Phoenix Contact Cyber Security is a leading manufacturer of network security appliances for use in industrial environments.

Morphisec

Morphisec

Morphisec's world leading prevention-first software stops ransomware and other advanced attacks from endpoint to the cloud.

inBay Technologies

inBay Technologies

inBay Technologies' idQ Trust as a Service (TaaS) is a unique and innovative SaaS that eliminates the need for user names and passwords.

Wayra UK

Wayra UK

Wayra UK, part of Telefónica Open Future, has been chosen to run a new cyber accelerator facility to help UK start-ups grow and take the lead in producing the next generation of cyber security systems

BeDefended

BeDefended

BeDefended is an Italian company operating in IT Security and specialized in Cloud and Application Security with years of experience in penetration testing, consulting, training, and research.

Block Armour

Block Armour

Block Armour is a Mumbai and Singapore based venture focused on harnessing emerging technologies to counter growing Cybersecurity challenges in bold new ways.

SITA

SITA

SITA is a multinational information technology company providing IT and telecommunication services to the air transport industry including vulnerability assessments and managed security services.

Rigado

Rigado

Rigado's mission is to enable commercial IoT success by providing high-performance secure and scalable wireless edge connectivity and network infrastructure.

Scout Ventures

Scout Ventures

Scout Ventures is an early stage venture capital firm that is making the world a better, safer place by cultivating standout frontier technologies.

SoftForum

SoftForum

SoftForum is a company specializing in next-generation information security solutions in the Quantum-Resistant-Cryptography (PQC) field.

Getvisibility

Getvisibility

Getvisibility enables customers to detect, classify and protect sensitive information increasing data security, governance, compliance and lowering the risk of losing valuable data.

Defence Labs

Defence Labs

Defence Labs is a cybersecurity company specialising in cost effective penetration testing for small-to-medium sized enterprises.

Cyberleaf

Cyberleaf

Cyberleaf is simplified managed cybersecurity for MSPs, enabling top tier cyber protection for small and medium enterprise.

Forensic IT

Forensic IT

Forensic IT is a specialised cyber security firm with expertise in Digital Forensics and Incident Response (DFIR).

Xantaro

Xantaro

Xantaro specializes in technologies, software and services for Carriers, ISPs, Hosting and Cloud Providers as well as for Operators of Data Centres and Campus Networks.