Why Staff are your first line of defense against cyber breaches
Sit back and relax – you have good technology and processes in place, and you are protected from cyber security breaches. Unfortunately, that’s how many companies view their cyber security risk, and that’s why they get breached!
Scary Stat Time
The statistics around breaches are very compelling:
- Over 90% of them are via staff.
- 60% of companies that suffer a major breach are out of business in 6 months or less.
- They take over 6 months on average to detect.
- The average cost (in Australia) is now $1.99 million.
Yes, you read it right, $1.99 million! Think of expensive cyber security consultants digging out malicious code in your systems because the criminals have been in there for 6 months. Think downtime, mandatory reporting to the OAIC, reputation damage and lost customers. It certainly adds up!
We need good tech and processes
Cyber criminals are largely strategic groups focused on obtaining your money, or your information to sell online, and they won’t spend time on something that doesn’t make them money. And right now, with all the good tech we have in place, it’s hard for them to hack into systems. That’s a really good thing, but being strategic, cyber criminals will look for the easy target.
How are staff tricked
So what do they do? Target staff, because they are helpful, trusting and gullible, and because they haven’t been trained in how to identify and respond to IT security threats.
And that’s where the “over 90% of breaches” stat comes from! Staff are tricked with things like:
- Malicious files
- Removable media
- Deceptive URLs
- Dangerous emails
- Malicious websites and website popups
- Social engineering (tricking people face to face, or with a voice conversation)
- Requests for information
- Impersonations (e.g. Pretending to be the CEO and asking for money)
- Scare tactics, free lunch tactics, and the fear of missing out
- Physical IT breaches (i.e. actually getting physical access to information or systems)
- Mobile device scams
But there is HOPE
The attack possibilities are near endless, and that’s why in this day and age staff need to be suspicious first, so that they stop and think before they act. And to do that, you need to educate them on how they are targeted, and how to respond.
Don’t educate them with a boring online compliance-based program either. Face to face training that is fun and engaging will give you massive benefits to your cyber risk profile. Stay safe out there!
The Cloud – For Businesses Did you know? The Cloud has been around since 1960’s, in fact it has only been really used by businesses in the last 10+ years. The value which cloud solutions add to an organisation is remarkable! Even if you are a small business it will do great wonders. Understanding the […]
MS Teams & Outlook Integration Microsoft Teams is the fastest growing Microsoft Application with over 20 million daily active users and over 500,000 organisations using the app that’s why it’s no surprise that they continue to improve the App and implement new integrations. Microsoft Teams is the fastest growing Microsoft Application with over 20 million daily active […]
Darkweb Cybersecurity Awareness Month © Copyright Cybersecurity Awareness During the month of October, Cybersecurity Awareness Month reminds us of a category of crime that continues to inflict taxpayers and companies with damages amounting to billions of dollars annually. Staying updated on the latest attack types and prevention techniques is the only way to future-proof your […]