Cyber breaches are on every CEO’s mind. You cannot turn a page or hit a site without hearing of yet another corporate data loss disaster. No organisation is immune.
Nobody wants to be the next CEO at a press conference confirming that their cyber defences were penetrated and that their beloved customer’s personal data is now being actively traded on the cyber underground. Are you prepared to sit down with the regulator to explain that in the face of a clear and present danger, you did not do enough to stay cyber secure?
The truth is that as long as there are people who use systems, the probability of compromise is basically guaranteed. You will be compromised, it then depends on your multi-layered defence strategy to see whether the compromise leads to an all-out breach.
An important layer in your security program is your users. It is vital that all users have a sound awareness of cyber threats they may encounter in their daily activities.
The standard security phrase normally begins with: “Internal users are the biggest threat to your security” or “Users are responsible for more than 70% of data breaches” – you know the story.
The question is, what has been done to include the user in the fight against the growing number of cyber-attacks? I have seen that when you have the user involved in the battle it is far easier to quickly identify attempts to compromise and stop the attack before it even starts.
Make sure that you are not only relying on classroom awareness training, emails and posters. It is vital that you have your users engaged. A great way to do this is by using real awareness training offerings provided by a trusted provider, such as J2 Software. Using the right tools you can simulate attacks in a real-life environment, for example targeted phishing attacks. This way if a user is tricked into falling for the attack; there is real time engagement and action-specific awareness and training at the time of “compromise”.
When the user sees how an action can affect the security of both the company and themselves and are shown what to look out for they become truly aware. With real awareness you create another barrier to stifle attacks before they permeate the environment.
If you teach someone they may learn – if you involve them they will remember.
Reporting, awareness and continual monitoring to gauge effectiveness will make sure that your layers are strong and you continually improve cyber resilience that is needed to curb ongoing cyber-attacks.
Fancy a demo, speak to the team.
John Mc Loughlin