Cybersecurity is a growing concern in many businesses as they increase their reliance on inter-connected systems, devices, and cloud technologies. Not surprisingly, a survey by CompTIA finds that malware and hacking are viewed as the top levels of concern affecting the security of your company’s computer systems. While human error ranks low on the survey as a serious concern, human error is actually the leading contributor in more than half of security breaches – higher even than technology failure.
Even if your company does everything right to protect your data – utilizing anti-virus protection, firewalls, encryption, and access management – your employees can unwittingly give cyber attackers access to your company’s vital data. Cyber attackers use Social Engineering to trick people into performing actions or divulging confidential information. When employees unknowingly click on a malicious link, or open an infected document, they open the door to bypass your company’s security technology. These user actions allow malware and viruses to be installed on your company’s computers, and the infections can spread to all devices attached to your network if your employees are using the computer in administrator mode. In fact, employee data is being used by hackers in targeted spear-phishing attacks. Once hackers obtain an employee password, they can use the company information found in that employee’s emails to compose authentic looking emails to executives of the company, thus tricking those with greater access into clicking on the malicious link.
Being a small company no longer means that your company is less likely to be targeted in a security attack. Small to medium-sized businesses are now being targeted at the same frequency as enterprises, simply due to the fact that they have weaker defenses. It is essential for every business to perform a security assessment / audit to uncover its security risks, to have and enforce security policies and procedures, and, just as importantly, to provide education to mitigate the risks caused by human error.
Big Idea Technology provides the technology needed to secure your company’s data and helps you provide the training your staff needs to make them cyber aware. Stay tuned for next week’s blog post to learn the top 10 security training tips your employees need now to protect your business data.