It’s easy to get focused on improving sales, marketing, and employee motivation, but none of that matters if your company becomes a victim of cybercrime.
Swiftly shifting advances in technology have made it easier than ever to do business. But, as with all things, there is a cost. Our society has become increasingly dependent on services that are managed by vulnerable systems.
And there are people out there who are using those vulnerabilities and our dependence on them to cause more damage than ever to a business’s reputation or finances.
It’s gotten to the point that even ransomware can be easily obtained as a subscription service, and the odds of the cyber criminals using it getting caught are extremely low.
Unfortunately, cybercrime is no longer limited to just a few hackers testing out the system. Today cybercrime is big business. In fact, IBM’s 2018 Cost of a Data Breach Study discovered that:
- The average cost of a data breach has increased 6.4 percent over the previous year to $3.86 million.
- The average cost for each lost or stolen record containing sensitive and confidential information has increased by 4.8 percent to $148.
To tackle this growing problem, your company may have a security program or taken on advisors to secure your digital information. This is a great first step, but it isn’t enough because it turns out that every one of your employees can be a weak link when it comes to cybersecurity.
Would it surprise you to learn that in Shred-it’s 2018 State of the Industry Report, employee negligence was determined as the main cause of data breaches?
That according to this report, 47% of business leaders stated that human error- like the accidental loss of a document or device by an employee—had caused a data breach at their company?
With nearly half of business leaders claiming that human error caused a security breach, it is clear that hiring cyber security specialists isn’t enough.
Your employees must be enlisted in your company’s defense. They need to not only understand where the threats are coming from but make smart cyber defense choices.
Basic Types of Cyber Threats
First, stop in education? Understanding the three basic types of cyber threats and how to stop them from infiltrating your network.
1. Confidentiality Attacks via Social Engineering
This basically means a cybercriminal steals information by psychologically manipulating people into performing actions that reveal or give access to confidential information. The most common form of social engineering, phishing attacks, can be narrowed down into two types:
- Spear Phishing is an email that targets a specific individual or organization. The emails appear to come from someone in the organization or a personal acquaintance. The author of the email wants unauthorized access to crucial information like trade secrets, financials, or military intelligence.
- Whale Phishing centers on high-profile employees such as CFO’s or CEO’s. These attacks are aimed at stealing vital information that those holding higher positions in a company have unlimited access to. Most of these attacks manipulate the victim into permitting high-worth wire transfers to the attacker.
2. Attacks on Integrity
These attacks sabotage people or enterprises. They are formally called APTs (Advanced Persistent Threats). You might have heard them referred to as leaks, but they aren’t necessarily a leak from an employee.
Typically an unauthorized user infiltrates a network without being detected and then hangs out in the network for an extended period.
During this time, they steal data with no harm to the network and eventually expose the data to the public, causing the public to lose trust in that organization.
3. Attacks on Availability AKA Malware
These are instances where some software has restricted your access to your system. You may have already experienced an incident where some virus accessed or damaged your computer.
Or even heard of extreme nightmare cases where a user is blocked from accessing their computer until they pay a fee or ransom.
11 Ways You and Your Employees Can Keep Your Company Safe
- Secure sensitive information in desk drawers or lockers. Shred confidential paper documents. Take notes on a secure device instead of on paper.
- Regularly back up files onto a separate drive or secured cloud.
- Regularly update devices. Most software updates have fixes for security issues contained within them.
- Destroy hard drives when you are done with them. You may have deleted or cleaned the drive, but that doesn’t mean that the information isn’t buried in there somewhere.
- Research sites and services before providing confidential information.
- If an email comes from an unknown source, don’t open the attachments or click links.
- Immediately report lost or stolen devices. Have a point of contact available for employees to call if something happens and make sure that every employee knows who this is.
- Require employees to use two-factor authentication. With this step in place, employees enter a user name and password as well as a code the system texts to their mobile phone.
- Support your employees’ success by only giving cybersecurity access to those who need it. This will decrease the odds of something going wrong.
- Keep cybersecurity passwords secure. The most secure passwords contain both upper and lower-case letters, numbers, and symbols. You could also have employees use a password manager.
- If you really want to educate and engage employees on cyber security, host a phishing simulation training.
The cybercrime threat is serious enough that the FBI is currently “enhancing the Cyber Division’s investigative capacity to sharpen its focus on intrusions into government and private computer networks.”
But you don’t have to let it get that far. A good cyber security system paired with diligently educated employees significantly decreases the risk of your company becoming a cyber-victim.
We Are Here to Help
We hope this dive into cyber security has been helpful. And remember, we’re here to help you with your premium water dispenser needs whenever you need us!