Employees hide IT security incidents in 40% of businesses around the world
Employees hide IT security incidents in 40% of businesses around the world – that’s according to a new report from Kaspersky Lab and B2B International, “Human Factor in IT Security: How Employees are Making Businesses Vulnerable from Within”. With 46% of IT security incidents caused by employees each year, this business vulnerability must be addressed on many levels, not just through the IT security department.
Walking hackers to your door
Uninformed or careless employees are one of the most likely causes of a cybersecurity incident — second only to malware. While malware is becoming more and more sophisticated, the sad reality is that the evergreen human factor can pose an even greater danger.
In particular, employee carelessness is one of the biggest chinks in corporate cybersecurity armor when it comes to targeted attacks. While advanced hackers might always use custom-made malware and hi-tech techniques to plan a heist, they will likely start with exploiting the easiest entry point – human nature.
According to the research, every third (28%) targeted attack on businesses in the last year had phishing/social engineering at its source. For example, a careless accountant could easily open a malicious file disguised as an invoice from one of a company’s numerous contractors. This could shut down the entire organization’s infrastructure, making the accountant an unwitting accomplice to attackers.
“Cybercriminals often use employees as an entry point to get inside the corporate infrastructure. Phishing emails, weak passwords, fake calls from tech support – we’ve seen it all. Even an ordinary flash card dropped in the office parking lot or near the secretary’s desk could compromise the entire network — all you need is someone inside, who doesn’t know about, or pay attention to security, and that device could easily be connected to the network where it could reap havoc,” says David Jacoby, Security Researcher at Kaspersky Lab.
Sophisticated targeted attacks do not happen to organizations every day – but conventional malware does strike at mass. Unfortunately though, the research also shows that even where malware is concerned, unaware and careless employees are also often involved, causing malware infections in 53% of incidents.
Hide and seek: why HR and top management should get involved
Staff hiding the incidents they have been involved in may lead to dramatic consequences, increasing the overall damage caused. Even one unreported event could indicate a much larger breach, and security teams need to be able to quickly identify the threats they are up against to choose the right mitigation tactics.
But staff would rather put organizations at risk than report a problem because they fear punishment, or are embarrassed that they are responsible for something going wrong. Some companies have introduced strict rules and impose extra responsibility on employees, instead of encouraging them to simply be vigilant and cooperative. This means that cyberprotection not only lies in the realm of technology, but also in an organization’s culture and training. That’s where top management and HR need to get involved.
“The problem of hiding incidents should be communicated not only to employees, but also to top management and HR departments. If employees are hiding incidents, there must be a reason why. In some cases, companies introduce strict, but unclear policies and put too much pressure on staff, warning them not to do this or that, or they will be held responsible if something goes wrong. Such policies foster fears, and leave employees with only one option — to avoid punishment whatever it takes. If your cybersecurity culture is positive, based on an educational approach instead of a restrictive one, from the top down, the results will be obvious,” comments Slava Borilin, Security Education Program Manager at Kaspersky Lab.
Borilin also recalls an industrial security model, where a reporting and ‘learn by mistake’ approach are at the heart of the business. For instance, in his recent statement, Tesla’s Elon Musk requested every incident affecting worker safety to be reported directly to him, so that he can play a central role in change.
The human factor: corporate climate and beyond
Organizations around the world are already waking up to the problem of their staff making their businesses vulnerable: 52% of companies surveyed admit that staff are the biggest weakness in their IT security. The need to implement personnel-focused measures is becoming more and more evident: 35% of businesses are looking to improve security through delivering training to staff, making this the second most popular method of cyber defense, second only to the deployment of more sophisticated software (43%).
The best way of protecting organizations from human-related cyberthreats is to combine the right tools with the right practices. This should involve HR and management efforts, to motivate and encourage employees to be watchful and seek help in the case of an incident. Security awareness training for staff, delivering clear guidelines instead of multipage documents, building strong skills and motivation and fostering the right working atmosphere, are the first steps organizations should take.
In terms of security technologies, most of the threats aimed at targeting unaware or careless employees – including phishing – can be addressed with endpoint security solutions. These can cover the particular needs of SMB and enterprise companies in terms of functionality, pre-configured protection or advanced security settings, to minimize risks.
Pingback: xwc34rwxrw34rwc34c
Pingback: https://www.manytube.net/
Pingback: https://royalcbd.com/product/cbd-gummies-10mg/
Pingback: https://royalcbd.com/product/cbd-capsules-25mg/
Pingback: https://www.dbb369.com
Pingback: 918kisslogin.app
Pingback: https://disavowbacklink.s3-ap-southeast-1.amazonaws.com/docung/disavow-11.html
Pingback: coating inspection
Pingback: pharmacies in canada
Pingback: extremely fast weight loss methods
Pingback: 메리트 카지노
Pingback: how to change eu driving license to uk
Pingback: running sunglasses
Pingback: blackjack online
Pingback: great wall 99 download link 2020
Pingback: heathrow to brighton taxi
Pingback: Rumah bsd tangerang
Pingback: sàn forex uy tín
Pingback: film izle
Pingback: surrey handyman
Pingback: learn about canada
Pingback: game slot paling mudah menang
Pingback: Drucker mieten für Veranstaltungen
Pingback: Aaron Lal
Pingback: stakexchain business presentation
Pingback: Dollhouse168
Pingback: mega888 free game
Pingback: 34cr4rxq3crq34rq3r4
Pingback: c34r54wxw4r34c3
Pingback: social media giveaway ideas
Pingback: xcode twitter login
Pingback: pawn rolex Boston
Pingback: slot indonesia
Pingback: portable power
Pingback: Quote
Pingback: cbd oil
Pingback: best cbd for dogs
Pingback: شركة كشف تسربات المياه بالاحساء
Pingback: feline kidney diet
Pingback: best cbd oil for dogs
Pingback: buy cbd
Pingback: Julian Di Benedetto
Pingback: big hammer
Pingback: JakeGeruson
Pingback: Binance
Pingback: https://www.schweizseo.ch/domino-11-laeuft-jetzt-sicher-auf-ibm-i-power9/
Pingback: 강남 안마
Pingback: retail sales staff
Pingback: Cipsia
Pingback: Aaron Lal
Pingback: delivery robe
Pingback: t-shirts design
Pingback: porn
Pingback: VGA
Pingback: find a private investigator
Pingback: skull ring men
Pingback: Supplement.
Pingback: survival garden
Pingback: payday loans in stanfold wi
Pingback: buy_traffic
Pingback: delta 8 THC for sale
Pingback: tabletki na erekcje
Pingback: London Escorts
Pingback: Confrontational meaning
Pingback: read more
Pingback: Click
Pingback: read more
Pingback: read here
Pingback: read more
Pingback: thedamony
Pingback: Viagra
Pingback: slot1668
Pingback: Salewa Xplorer Harness
Pingback: recettes faciles
Pingback: payment facilitator vs payment processor
Pingback: bestuurbare auto
Pingback: W88vnbet
Pingback: credit card processing affiliate programs
Pingback: sattamatka
Pingback: best online casino malaysia
Pingback: Kamagra opinie
Pingback: hitet e reja shqip
Pingback: situs judi bola terbesar
Pingback: computer disposal companies
Pingback: Xxx video mitrade
Pingback: best delta 8 thc gummies
Pingback: Food License
Pingback: introduction cob led strips
Pingback: Best THC Gummies
Pingback: weed near me
Pingback: Global celebrity Life Coach
Pingback: links
Pingback: deals this week
Pingback: playtech slot
Pingback: comparatif souris gamer
Pingback: d rugs
Pingback: dyson
Pingback: Akun Togel Resmi Dan Terpercaya
Pingback: CBD oils
Pingback: mesothelioma how long to live
Pingback: Victor Metlege
Pingback: Naked videos
Pingback: airport eagles contact number
Pingback: 300mg CBD Gummies – Strawberry Lemonade
Pingback: detox tea
Pingback: delta 8 moon rocks
Pingback: COVID19
Pingback: Love spells that work
Pingback: glycerin vs petroleum jelly
Pingback: w88
Pingback: Cannon
Pingback: Amherstnational.com
Pingback: https://ad.beegix.com/search/cocu
Pingback: Great Dane Puppies for sale in Illinois
Pingback: best adjustable bed
Pingback: vn88cuoc
Pingback: 더온카지노
Pingback: fb88vnd
Pingback: jbo
Pingback: link vao sbobet
Pingback: strawberry clery
Pingback: fun88asia
Pingback: nha cai fb88
Pingback: His Secret Obsession Hero Instinct PDF
Pingback: usa pharmacy
Pingback: Chauffeur in brighton. chauffeur transfers to heathrow . chauffeur to gatwick
Pingback: Pat Mesiti
Pingback: Celebrity Story
Pingback: other sites like ebay
Pingback: buy bulk sms
Pingback: Cryptocurrencies news
Pingback: Weird Story
Pingback: fix my credit for free
Pingback: Microsoft Windows Server 2019 Standard
Pingback: Finance
Pingback: bimbim
Pingback: Daily CBD
Pingback: 파워볼
Pingback: Is Real Estate Investment Trusts A Good Career Path
Pingback: right here
Pingback: computer parts recycling near me
Pingback: recycling laptops
Pingback: 1 User Cal
Pingback: missing adult
Pingback: child porn blog
Pingback: condonlotto.com
Pingback: SPBO
Pingback: cainglotto
Pingback: t5 spalacz opinie
Pingback: najlepsi kulturyści
Pingback: สูตรสล็อต ฟรี
Pingback: corporate private investigators
Pingback: panda boyama
Pingback: is selling credit card processing a good job
Pingback: office warehouse for rent
Pingback: how to make twitter moments
Pingback: cryptocurrency merchant services
Pingback: Bitcoin Merchant Processor
Pingback: milosc na odleglosc
Pingback: kościelny rozwód
Pingback: zasilacz 12v dopuszkowy
Pingback: ซื้อหวยออนไลน์
Pingback: theft in the workplace
Pingback: burlington wedding photographer
Pingback: Guided-Meditation-to-Fall-Asleep-Fast
Pingback: GTE-Tech-Predictions
Pingback: Chứng chỉ quỹ là gì
Pingback: 홀덤 사이트
Pingback: https://robloxsongidcodes.com/|https://robloxsongidcodes.com|http://robloxsongidcodes.com/|www.robloxsongidcodes.com|robloxsongidcodes.com|roblox song id codes|roblox music codes|roblox song ids|roblox song codes|roblox music id codes|roblox id|roblox mus
Pingback: Womply Payout
Pingback: house painters Austin tx
Pingback: pg slot
Pingback: 카지노먹튀
Pingback: Black Magazine
Pingback: Fencing San Jose
Pingback: Trademark Registration Shenoy Nagar
Pingback: YOURURL.com
Pingback: Premium Sexpuppen
Pingback: here navigation
Pingback: cleaning services dubai
Pingback: Wholesale Vape Tanks In Woodstock Ga
Pingback: cleaning services dubai
Pingback: learn the facts here now
Pingback: pozycjonowanie
Pingback: #midnightdate
Pingback: use this link
Pingback: zobacz strone
Pingback: http://krajowy.biz
Pingback: Concrete company Gonzales