Its Your People Who Contribute To Data Breaches

Uploaded on 2019-08-28 in JOBS-Training, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

A survey conducted by ESET reveals that 42% of businesses are focusing on delivering compliance training as part of their cyber security protocol, while over 63% use passwords as a gate keeper of their systems. Yet human error is a major factor in many cyber breaches. 

There is often a lack of team coherence regarding cyber security, despite the fact that every team member in a modern business will have access to and be using vulnerable systems on a regular basis. 

Cyber security is something which too many businesses leave up to dedicated IT specialists, when in fact a lot of breaches could be avoided if a more integrative and business-wide approach to cyber security were adopted. The conversation about cyber security needs to be happening in the boardroom and teams across the organisation. For the human risk factor to be mitigated, both senior and middle management need to play a much larger role in both identifying vulnerabilities within their teams and securing cyber systems via an integrative human/machine approach. 

Cyber-criminals are not constrained by the same restrictions which govern legitimate software developers and white-hat hackers. This enables cybercriminals to implement changes at an unprecedented speed, enabled by ever evolving technology including Artificial Intelligence. 

For example, ransomware (software which takes control of systems and/or data and hold it to ransom) has recently been supplanted by more direct methods of skimming cash or stealing data to sell on. 

This change happened even before white-hat developers had got to grips with ransomware. Time after time we’ve seen that the next ‘Big Thing’ in cybercrime goes live before we’ve even started getting to grips with the last Big Thing. So, while the trends mentioned above may be dominating at the time of writing, the MO of any cyber-criminal worth their salt can and will change in a number of unpredictable ways, and will do so extremely quickly. However, what is notable about the most successful cyberattacks is that they rely on a degree of human error and/or ignorance. 

For example, cybercriminals are able to install phishing codes onto systems via Alexa because many people are unaware of the need to protect their smart devices as well as their desktop computers. 

In a business context, there is often a lack of awareness about the need for a truly integrative and self-aware approach to cyber security, one which encompasses everyone and not just the ‘boffins’ in the IT department. 

ESET:          WorkplaceInsight

You Might Also Read: 

Hackers Delight: Poor Password Security:

Protecting Your Company’s Data Against Insider Threats:

 

 

« Fact-Checking Comes To Instagram
Webinar: JumpStart Guide to Application Security in AWS »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Eversheds Sutherland

Eversheds Sutherland

Eversheds Sutherland is a global multinational law practice offering a full range of commercial and IT law services including Privacy, Data Protection and Cyersecurity.

FIDO Alliance

FIDO Alliance

FIDO Alliance is a non-profit organization formed to address the lack of interoperability among strong authentication devices.

ShadowDragon

ShadowDragon

ShadowDragon develops digital tools that simplify the complexities of modern investigations that involve multiple online environments and technologies.

Cellopoint

Cellopoint

Cellopoint is a leading manufacturer of information security and email lifecycle management (ELM) products.

Digital Security

Digital Security

Digital Security is an Ecuadorian company specialized in providing comprehensive information security solutions.

Blancco Technology Group

Blancco Technology Group

Blancco Technology Group is a leading global provider of mobile device diagnostics and secure data erasure solutions.

Pluribus One

Pluribus One

Pluribus One develops customized solutions and other data-driven applications to secure your business and your devices.

Granted Consultancy

Granted Consultancy

Granted Consultancy is a business consultancy that specialises in securing funding to support companies with the development and commercialisation of new and innovative products and technologies.

Gluu

Gluu

Modern Authentication for Digital Enterprise. Organizations around the world trust Gluu for large-scale, high-security identity & access management.

InGuardians

InGuardians

InGuardians is an independent information security consulting firm specializing in penetration testing, threat hunting, and hardware hacking.

Digital Identification & Authentication Council of Canada (DIACC)

Digital Identification & Authentication Council of Canada (DIACC)

DIACC is a non-profit coalition of public and private sector leaders committed to developing a Canadian framework for digital identification and authentication.

Air IT

Air IT

Air IT are a responsive, client-focused and award-winning Managed Service Provider, helping clients achieve success and transformation through their IT and communications.

OneLayer

OneLayer

OneLayer provide enterprise grade security dedicated for private LTE/5G networks. We ensure that the best IoT security toolkit is implemented in your cellular environment.

SHI International

SHI International

SHI International deliver against your IT and business needs, helping you build strategies and solutions that will drive innovation, collaboration and security.

Wavenet

Wavenet

Wavenet has grown from simple beginnings to become one of the UK’s market leaders in unified communications, business telephony, and Cyber Security solutions.

Benchmark IT Services (BITS)

Benchmark IT Services (BITS)

BITS is a leading cyber security company in Australia. Our certified professionals work with you to keep your data assets safe and secure.