Strategic Group Blog

Everything you need to know about IT and technology

close
Written by Emily Gam
on October 22, 2018

With the threat of cyber-attacks on the rise, the introduction of the Mandatory Data Notification laws and the growing awareness of cyber security, you would think that people are getting better at identifying and preventing these attacks, right?

Wrong.

The State of Privacy and Security Awareness Report from security firm MediaPRO has found that employees actually performed worse this year than in 2017 across all eight threat vectors that were measured. Some of these include knowing how to spot a phishing email, identifying malware warning signs and general social media safety.

The report found that Finance sector employees performed the worst out of all the industries measured with 85% of finance workers showing some lack of cyber security and data privacy knowledge.

Also troubling is the fact that staff in management roles or above showed riskier behaviours than entry or mid-level employees. 77% of respondents in management showed a general lack of awareness of cyber security, while 74% scored the same in lower level positions.

These numbers should be particularly troubling for businesses, given the sharp rise and sophistication of cyber-crime and the requirements for business under the Mandatory Data Notification law.

We live in an age where stories about cyber security are constantly swirling, which can actually create a sense of security fatigue, but these levels of riskiness are alarming. It only takes one person to click on the wrong email that lets in the malware that infiltrates your company’s data. Without everybody being more vigilant, people and company data will continue to be at risk.” Tom Pendergast, Chief Security & Privacy Strategist at MediaPRO.

How can you improve these numbers?

Create formal plan

A formal cyber security plan can be included in your overall IT or Technology Strategy. A formal, documented plan for cyber security will mean that staff have a process to follow if such an incident arises.

Are your staff using outdated computers? Are all software patches up to date? Is new software compatible with your current hardware? These type of questions are ones that are addressed in technology or cyber security strategies, and allow you to see where there may be risks in your business.

As part of your formal plan, it’s worthwhile including a Disaster Recovery Plan in the event that the worst case scenario does happen.

Train your staff

Users are the last line of defense in your business. It doesn’t matter how great your security software is or how much you spend, all it takes is one misplaced click on an email and your whole system can be compromised.

Staff should be trained to pick out red flags and the techniques that hackers use to encourage people to give up valuable information.

Phish your staff

This tip may sound counter intuitive but there are real benefits to testing your staff with different social engineering techniques.

Regularly sending simulated phishing emails to employees reinforces their security training and keeps them on their toes with security top of mind.

Companies that have implemented white hat phishing and training have seen a significant drop in staff clicking on compromised emails.

Cyber Security is becoming more important for both clients and businesses with clients expecting that their personal data is protected. Businesses now have a responsibility to make sure their client’s information is protected and reasonable steps are made to ensure it never falls into the wrong hands.

Secure

Let Us Know What You Thought about this Post.

Put your Comment Below.

You may also like:

News Productivity Technology

Top tech gifts to buy this Christmas

The holiday season is the perfect time to surprise loved ones with thoughtful gifts, and for the tech enthusiasts in you...

News Productivity Technology

How the Right Meeting Room Can Enhance Collaboration

In any workplace, collaboration is key to success, and the right meeting room technology can make a world of difference....

News Security AI

Maximising an AI Implementation in Accounting: A Step-by-Step Approach

AI technologies are transforming numerous sectors, including the field of accounting. While AI's promise is vast, a stra...