February 6, 2020 4:42 pm
The reality is, all humans are open to error and this will include your employees. Inevitably it can become very easy for something to be overlooked when the same people are looking at the same data every day. It is a good idea to invite a trusted security expert to help identify any potential weak spots.
Explaining the detrimental consequences of everyday activities that could cause your company to be comprised, such as an employee leaving a laptop on a train, accessing work documents over an open WiFi network in a café or opening personal email on a work device can help your staff understand how they could potentially undermine security for your firm. Another excellent way to train your staff to defend against hackers is to get them to think like one. So, they see the potential risks before they happen!
Hackers are resourceful and view every problem as an opportunity. They might see what they do as highlighting risks, but to the company and it’s employees it could mean the loss of their livelihood.
Create clear guidelines for employees across all areas of your firm and making sure all employees are fully aware of the security policies in place is vital. When these policies are not followed, the guard is lowered and you could become an easier target. Breaches can often be made, albeit it unwittingly, be made by someone inside a company.
Phishing is the easiest and most popular way to attack company employees. This is because the cost is low to the hacker and also because of the nature of the attack. Official looking emails are sent within which there will be a request to send critical information from their work device. Even though this is a well-known method, employees can frequently be fooled by most of these types of email.
Remind employees often to check the email address, email tone and if the requests are ‘normal’ from that sender. Also, wherever suspicious, reported to your security team as a matter of course.
Hackers can look to gather security information from your employees by gathering personal information on them through social media or internet use. By doing this they then trick your employees in to divulging sensitive information without even realising. This can result in access to resources being gained through employees breaking standard security practices and potentially allowing access to accounts and data without the use of a password for example.
Ensure that employees understand that public Wi-Fi is characteristically insecure. Any work device connected to public Wi-Fi is at risk and should always be treated as suspicious. Insist your employees use only a secure connection such as VPN.
This is why it is important to develop the hacker mindset within your organisation, helping your staff change the way the see cyber security and to become more resourceful.
Categorised in: Uncategorised
This post was written by Anwen Haynes1