Employees Are The Biggest Cyber Security Risk

Businesses are constantly at risk, whether it’s from website data breaches, cyber-attacks or malicious emails and employees are often the biggest cyber security risk

Companies can invest significant resource into cyber security but often overlook the risks their staff represent. Attacks have increased during lockdown as hackers seek out weaknesses created by the immediate shift to working from home for millions of people.

Symantec found that 71% of all targeted attacks started with phishing scams. These are emails sent by criminals that look to have been sent by a legitimate company and ask for sensitive information. Often, these contain a link within the email which takes you to a very believable, fake website with a form for you to input your details. This information is then sent to straight to the crooks who created the website, ready for them to sell or use your data. They may ask for passwords, credit card details or usernames, anything they can use to sell or use illegally.

Although many companies are spending money on cyber security technology they can be less willing to invest in training their staff. According to the exoerts at IT security firm Altinet, 90% of cyber threats come via email, highlighting the imporatnce of training  front line staff to be allert and spot phishing attacks, ofetn acting as the last line of defence.

This is particularly important right now as businesses face more threats from the disruption caused by Covid-19.

Your employees may not be aware of the risks of using any device, work or personal, on an unsecured network. This could be the free Wi-Fi in the local café or on the train to a business meeting. These types of connections may not encrypt your data, meaning it could be intercepted and fall into the wrong hands. Where data is sent in an unencrypted format, such as plain text, you are allowing crooks access to potentially sensitive and valuable information.

Accessing emails and social media is a risk on an unsecured network as you could unintentionally leak passwords or other sensitive information. While accessing a banking app could open up your bank accounts to criminals hacking the network.
Cyber-crime isn’t expected to lessen over the next few years. By 2025, the number of interconnected devices in use is projected to exceed 75 billion, opening up virtually endless opportunities for criminals to attack. 

While your employees may pose a security risk, with the right training you can reduce the risk of falling victim to cyber-crime. The important thing is to assess your business, uncover any weak points and communicate the best processes to all staff.

Business Desk:        Open Access Government:       RiskandInsurance:     IT Governamce

You Might Also Read: 

Every Single Employee Requires Cyber Security Training:

Staff awareness training is the single most important thing you can do to reduce the risk of employee error. And as business need cyber security training and we at Cyber Security Intelligence recommend GoCyber training for all employees and management please contact Cyber Security Intelligence for a free trial.

 

 

« Cloud Security Is Different
Webinar: How To Protect All AWS Services & Surfaces »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Blueliv

Blueliv

Blueliv is a leading provider of targeted cyber threat information and intelligence. We deliver automated and actionable threat intelligence to protect the enterprise and manage your digital risk.

Q-CERT

Q-CERT

Q-CERT is the National Computer Security Emergency Team of Qatar.

KE-CIRT/CC

KE-CIRT/CC

KE-CIRT/CC is the national Computer Incident Response Team for Kenya.

Global Cyber Alliance (GCA)

Global Cyber Alliance (GCA)

Global Cyber Alliance is an international, cross-sector effort dedicated to eradicating cyber risk and improving our connected world.

Safe Security

Safe Security

Safe Security (formerly Lucideus) provides Cyber risk assessment services and platforms to multiple Fortune 500 companies and governments across the globe.

DestructData

DestructData

DestructData is a leading independent provider of End of Life data destruction/security solutions.

Onfido

Onfido

Onfido is building the new identity standard for the internet. We digitally prove people’s real identities using a photo ID and facial biometrics.

PQShield

PQShield

PQShield are specialists in Post-Quantum Cryptography. We provide quantum-secure cryptographic solutions for software, software/hardware co-design and data in transit.

Lifetech

Lifetech

Lifetech is a software development, product engineering and system integration company. Cybersecurity services include SIEM deployment and training.

SHe CISO Exec

SHe CISO Exec

SHe CISO Exec is a sustainable global training and mentoring platform in information security and leadership.

Ministry of Information and Communications (MIC) - Vietnam

Ministry of Information and Communications (MIC) - Vietnam

The Ministry of Information & Communications of Vietnam is the policy making and regulatory body in the field of information technology and national information and and communication infrastructure.

Across Verticals

Across Verticals

Across Verticals is a boutique cyber security consulting firm that specializes in holistic, deeply technical and end to end cyber security advisory services based on industry best practices.

Cyber Security Partners (CSP)

Cyber Security Partners (CSP)

Cyber Security Partners specialise in the provision of Cyber Security Consultancy, Data Protection and Certification and Compliance services.

QA Consultants

QA Consultants

QA Consultants is North America’s largest software quality engineering services firm, an award-winning onshore provider of software testing and quality assurance solutions.

Silverse

Silverse

At Silverse, we specialize in building a comprehensive cybersecurity journey, anchored by our extensive experience, industry expertise, and an ecosystem of trusted partners.

Digital Encode

Digital Encode

Digital Encode is a leading consulting and integration firm that specializes in the design, management, and security of business-critical networks, telecommunications, and IT infrastructures.