Paying attention to cybersecurity is one of the most important things business owners can do. From the technologies deployed to the employee education and training used, preventative cybersecurity ensures that your business, employees and customers stay protected.
Cybersecurity is an expansive array of measures that collectively can detect threats, eradicate them and protect information contained in your IT system. Here’s a closer look at some of the major cybersecurity issues facing companies today.
Verizon’s 2018 Data Breach Investigations Report examined 53,000 security incidents in 65 countries, including 2,200 confirmed data breaches. Seventy-six percent of those breaches were financially motivated. Organized criminal groups accounted for half of those breaches while nation-states or affiliated actors were responsible for 12 percent.
What may be most surprising is that 26 percent of breaches were by internal players. Not all of those breaches were due to malicious intent, but 17 percent of breaches were the result of employee error.
According to Luis Alvarez of the Alvarez Technology Group, a lack of training and education about cybersecurity and threats is a major problem. In fact, the Verizon study showed that 4 percent of people will click on a phishing meal designed to gain access to systems.
“The number one line of defense that any business has against cyber threats is what I call the Human Firewall, the people who work in the business,” Alvarez said. “If you look at most successful cyber attacks and crimes, the root cause was someone doing something to let the bad guys in, whether that was clicking on a link or opening a suspicious email.”
“Employee training is one of the least expensive and most effective tools an organization can use to reduce the risk of a cyber attack,” notes a recent National Law Review article.
Training can take on many forms. Formal training should include education about your company’s policies and procedures. Awareness about how to spot a potential phishing email is another important component. Informal training may include communication about threats that are active, especially at times when phishing escalates, such as near year-end holidays or during tax season.
Some companies distribute emails that simulate a phishing attack with follow-up for those employees who are duped.
“Don’t think of cybersecurity as a one-and-done thing but instead as a continuous program of education and training to protect the company,” Alvarez said. “Your employees are on the front line of cyber threats. Teach them how to protect themselves and the firm.“
Most businesses think that the tools — anti-malware protection, firewalls and VPNs — are the most important components of cyber safety and while they are necessary and important, without proper awareness training, mistakes can and will be made,” Alvarez notes.
It’s a comprehensive approach to cybersecurity that is most effective against attacks.
Cybersecurity occurs at multiple levels. In addition to employee awareness and training, companies should partner with an IT services provider to consider the following:
At Alvarez Technology Group, we offer a complete range of cybersecurity services. To schedule a free consultation to learn more about how we help companies protect their data, contact us today.
Alvarez Technology Group, Inc.
P.O. Box 965 Salinas, CA 93901
Toll Free: 1-866-78-iTeamLocal: (831) 753-7677
Fax: (831) 753-7671