Phishing, ransomware, malware—the list of threats goes on and on. To put it simply, if you have people using your network, then you've got serious cybersecurity risks. If you need proof, look no further than the new report from Axelos, which found that 75% of businesses in the U.K. experienced staff-related security breaches in 2015.
"The methods used by cyber criminals to breach organizational systems and networks prey on human vulnerability. By tempting people to open an email attachment or click on a link, for example. In 90% of attacks the success of the attacker requires the help of an innocent person. The natural human responses we all make—to be helpful or curious—can be the beginning of a corporate disaster," the report states.
Obviously people aren't being kicked out of the business world anytime soon, so it is imperative that companies provide continuous cybersecurity education for ALL of the staff. It may seem like a high price tag to provide training for an entire staff, but when you consider how much a data breach can cost (millions), it doesn't seem quite so bad.
Training, however, is only half of the equation. Remember when your mother used to tell you "it's not what you say, but how you say it"? The same saying applies to cybersecurity education. It is imperative to communicate in a way that all employees understand and retain.
Cybersecurity doesn't start with your company's security team, it starts from the top. To secure a network, top executives must set the tone. Employees are much more likely to get on board with security policies when they see someone leading by expample.
Ready to take a proactive approach to cybersecurity for your company? Don't miss Steven Beaudrot's session on risk communication strategies at SecureWorld Boston on March 29-30, 2016. Beaudrot, CRISC has 25+ years of IT leadership experience; currently on the leadership team at Fresenius Medical Care North America as Director of IT Regulatory Management, Audit and Compliance.