Its Your People Who Contribute To Data Breaches

Uploaded on 2019-08-28 in JOBS-Training, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

A survey conducted by ESET reveals that 42% of businesses are focusing on delivering compliance training as part of their cyber security protocol, while over 63% use passwords as a gate keeper of their systems. Yet human error is a major factor in many cyber breaches. 

There is often a lack of team coherence regarding cyber security, despite the fact that every team member in a modern business will have access to and be using vulnerable systems on a regular basis. 

Cyber security is something which too many businesses leave up to dedicated IT specialists, when in fact a lot of breaches could be avoided if a more integrative and business-wide approach to cyber security were adopted. The conversation about cyber security needs to be happening in the boardroom and teams across the organisation. For the human risk factor to be mitigated, both senior and middle management need to play a much larger role in both identifying vulnerabilities within their teams and securing cyber systems via an integrative human/machine approach. 

Cyber-criminals are not constrained by the same restrictions which govern legitimate software developers and white-hat hackers. This enables cybercriminals to implement changes at an unprecedented speed, enabled by ever evolving technology including Artificial Intelligence. 

For example, ransomware (software which takes control of systems and/or data and hold it to ransom) has recently been supplanted by more direct methods of skimming cash or stealing data to sell on. 

This change happened even before white-hat developers had got to grips with ransomware. Time after time we’ve seen that the next ‘Big Thing’ in cybercrime goes live before we’ve even started getting to grips with the last Big Thing. So, while the trends mentioned above may be dominating at the time of writing, the MO of any cyber-criminal worth their salt can and will change in a number of unpredictable ways, and will do so extremely quickly. However, what is notable about the most successful cyberattacks is that they rely on a degree of human error and/or ignorance. 

For example, cybercriminals are able to install phishing codes onto systems via Alexa because many people are unaware of the need to protect their smart devices as well as their desktop computers. 

In a business context, there is often a lack of awareness about the need for a truly integrative and self-aware approach to cyber security, one which encompasses everyone and not just the ‘boffins’ in the IT department. 

ESET:          WorkplaceInsight

You Might Also Read: 

Hackers Delight: Poor Password Security:

Protecting Your Company’s Data Against Insider Threats:

 

 

« Fact-Checking Comes To Instagram
Webinar: JumpStart Guide to Application Security in AWS »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

NCC Group

NCC Group

NCC Group is a global cyber and software resilience business operating across multiple sectors, geographies and technologies.

RKH Specialty

RKH Specialty

RKH Specialty, part of the Hyperion Insurance Group, is a provider of specialty insurance services including Cyber Risk cover.

Mitchell Sandham

Mitchell Sandham

Mitchell Sandham is an, independent insurance and financial services brokerage. Business products include Cyber/Privacy Liability insurance.

Fornetix

Fornetix

Fornetix is a cybersecurity platform enabling Zero Trust while delivering critical encryption automation, access controls, authorization services, machine identity, and ICAM solutions,

Cryptika

Cryptika

Cryptika is a fully integrated IT security and managed services provider, specialized in Next-Generation Cyber Security Technologies.

SOSA

SOSA

SOSA facilitates new growth opportunities by connecting the dots between industry verticals and innovation ecosystems around the world.

Scythe

Scythe

SCYTHE is a next generation red team platform for continuous and realistic enterprise risk assessments.

Ergo

Ergo

Ergo is a world-class IT Partner of choice, leveraging the latest technology available in cloud, mobility, big data, analytics, and social media.

BreachLock

BreachLock

Breachlock delivers the most comprehensive Penetration Testing as a Service (PtaaS) powered by Certified Hackers and AI.

Internet Crime Complaint Center (IC3)

Internet Crime Complaint Center (IC3)

The Internet Crime Complaint Center provide the public with a reporting mechanism to submit information to the FBI concerning suspected Internet-facilitated criminal activity.

Moss Adams

Moss Adams

Moss Adams is a fully integrated professional services firm dedicated to assisting clients with growing, managing, and protecting prosperity.

BigBear.ai

BigBear.ai

BigBear.ai delivers high-end analytics capabilities across the data and digital spectrum to deliver information superiority and decision support.

Zorus

Zorus

Zorus provides best-in-class cybersecurity products to MSP partners to help them grow their business and protect their clients.

Blackpanda

Blackpanda

Blackpanda is Asia’s premier cyber security incident response group, hyper-focused on digital forensics and cyber crisis response.

Sekur Private Data

Sekur Private Data

Sekur Private Data Ltd. is a Cybersecurity and Internet privacy provider of Swiss hosted solutions for secure communications and secure data management.

OccamSec

OccamSec

OccamSec is a leading provider in the world of cybersecurity. We provide accurate, actionable information to reduce risk and enable better informed decisions.