Its Your People Who Contribute To Data Breaches

A survey conducted by ESET reveals that 42% of businesses are focusing on delivering compliance training as part of their cyber security protocol, while over 63% use passwords as a gate keeper of their systems. Yet human error is a major factor in many cyber breaches. 

There is often a lack of team coherence regarding cyber security, despite the fact that every team member in a modern business will have access to and be using vulnerable systems on a regular basis. 

Cyber security is something which too many businesses leave up to dedicated IT specialists, when in fact a lot of breaches could be avoided if a more integrative and business-wide approach to cyber security were adopted. The conversation about cyber security needs to be happening in the boardroom and teams across the organisation. For the human risk factor to be mitigated, both senior and middle management need to play a much larger role in both identifying vulnerabilities within their teams and securing cyber systems via an integrative human/machine approach. 

Cyber-criminals are not constrained by the same restrictions which govern legitimate software developers and white-hat hackers. This enables cybercriminals to implement changes at an unprecedented speed, enabled by ever evolving technology including Artificial Intelligence. 

For example, ransomware (software which takes control of systems and/or data and hold it to ransom) has recently been supplanted by more direct methods of skimming cash or stealing data to sell on. 

This change happened even before white-hat developers had got to grips with ransomware. Time after time we’ve seen that the next ‘Big Thing’ in cybercrime goes live before we’ve even started getting to grips with the last Big Thing. So, while the trends mentioned above may be dominating at the time of writing, the MO of any cyber-criminal worth their salt can and will change in a number of unpredictable ways, and will do so extremely quickly. However, what is notable about the most successful cyberattacks is that they rely on a degree of human error and/or ignorance. 

For example, cybercriminals are able to install phishing codes onto systems via Alexa because many people are unaware of the need to protect their smart devices as well as their desktop computers. 

In a business context, there is often a lack of awareness about the need for a truly integrative and self-aware approach to cyber security, one which encompasses everyone and not just the ‘boffins’ in the IT department. 

ESET:          WorkplaceInsight

You Might Also Read: 

Hackers Delight: Poor Password Security:

Protecting Your Company’s Data Against Insider Threats:

 

 

« Fact-Checking Comes To Instagram
Webinar: JumpStart Guide to Application Security in AWS »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

RPC

RPC

RPC is a business law firm. Practice areas include technology and cyber risk.

ShmooCon

ShmooCon

ShmooCon is an annual east coast hacker convention offering three days of demonstrations and discussions of critical infosec issues.

EdgeWave

EdgeWave

EdgeWave provides simple but highly effective data security and advanced threat protection in solutions that are affordable, scalable and easy to use.

Smokescreen

Smokescreen

Smokescreen's IllusionBLACK employs deception technology to detect, deflect and defeat advanced hacker attacks.

Exatel

Exatel

Exatel is Poland’s leading provider of ICT security services.

Cyber Observer

Cyber Observer

Cyber Observer’s team specializes in providing corporate officers with comprehensive, visual, real-time performance overview, critical security control (CSC) analysis.

Mphasis

Mphasis

Mphasis is a leading applied technology services company applying next-generation technology to help enterprises transform businesses globally.

Porto Research, Technology & Innovation Center (PORTIC)

Porto Research, Technology & Innovation Center (PORTIC)

PORTIC brings together several research centers and groups from P.PORTO in a single space, forming a superstructure dedicated to research, technology transfer, innovation and entrepreneurship.

BCyber

BCyber

BCyber is a Swiss Cyber Security company that provides security products, training, and managed services to protect diverse IT and OT environments against cyber, physical, and cyber-physical threats.

McKinsey & Company

McKinsey & Company

McKinsey & Company is a global management consulting firm. We are trusted advisor to the world's leading businesses, governments, and institutions.

NexGen Cyber

NexGen Cyber

NexGen Cyber helps customers in commercial SMB markets with IT security, security integration, service management, outsourced service transition, and transformative security solutions.

Redington

Redington

Redington offer products and services in solution areas including digital transformation, hybrid infrastructure and cybersecurity.

Infisign

Infisign

Infisign addresses the challenges of traditional IAM systems and offers a comprehensive solution for modern identity management.

AUCyber

AUCyber

AUCyber is a leading provider of managed cyber security solutions and consultancy services, specialising in supporting Australian organisations and Government agencies.

Dialog Enterprise

Dialog Enterprise

Dialog Enterprise is the corporate ICT solutions arm of Dialog Axiata, Sri Lanka’s leading connectivity provider.

TDi Technologies

TDi Technologies

TDI Technologies' flagship solution ConsoleWorks, is an IT/OT cybersecurity and operations platform for Privileged Access Users.