21 May Cyber Risks – Your Staff are the Weakest Link!
It surprises many people to hear that nearly 90% of all cyber-attacks are successful due to human error or behaviour.
Social engineering and cyber threats are becoming more complex and very clever, so spotting when you’re being played is harder. If you’re not aware of hidden threats and cannot recognise the markers, how can you stop them?
It can be easy to invite something unwanted and damaging into your business without even knowing you are doing it. Ransomware, malware and viruses can be let in through emails, dodgy websites and links and, in some cases, someone pretending to be someone you know and asking for your personal information.
Don’t be caught on the line with Phishing.
Phishing is a common and growing threat, and very similar to actual fishing. There is bait to lure, a line and of course a hook! The bait is often a convincing-looking email containing the hook: a desirable or compelling link or call to action for someone to take. (This could even be a CV attachment sent to HR.) Before you know it, you are caught on the line of a hacker, unable to wriggle free.
Phishing accounts for 90% of all data breaches, and 15% of people who have been successfully ‘Phished’ will be targeted at least one more time within a year. It is a problem worth avoiding for you and your staff.
Phishing is now the most common method used by hackers and cyber criminals to catch employees out, often to gain company information or sensitive data from you or your employees. They target employees through convincing emails that seem legitimate, and the approach has become so successful that 30% of phishing messages get opened by targeted users.
Just one phishing email can cause huge problems for your business: it takes only a single employee to open the door. Through phishing a hacker can be on your network. Recent reports conclude that, once inside, a hacker and his software sit in the average network for 197 days, siphoning off data and information.
Many companies at this point will be muttering “Our data isn’t worth anything to anyone”. This may be true, but it’s worth something to you, which is why we have a huge escalation in smaller businesses being hacked and caught with ransomware. If it’s not valuable on the dark web, how much will you pay to keep working?
This can have huge consequences for your business, from loss of data, ransoms and theft to huge amounts of downtime and fines. If breached, you could also face up to £20 million in fines or even 4% of annual turnover for failing to comply with GDPR.
Education is critical. Staff cannot prevent things if they don’t know the signs or understand the reason they need to be vigilant. Getting security training for your staff and starting to change behaviours and culture can make a huge difference in your business, as they are both your strength and potentially your weakness.
At Netcom we have a range of services to protect your business, and a key element is ongoing staff training and cyber behaviour development. This training offers:
- Baseline Testing – Seeing how prone your staff are to phishing emails by putting them in a simulation of a phishing attack and covering what to do
- Phishing Simulations for your staff to see how they progress in avoiding phishing emails.
- Educational Videos and Tools to modify behaviours
- In-depth Reports to help you identify those that keep falling foul
Invest a little in educating and training your staff to identify and respond to threats properly and you have created a human firewall in your organisation. This investment will make you safer and reduce your risk.