Skip to main content

Cyber Security: Are Your Staff Members Your Weakest Link?

By 28th November 2019Blog3 min read

One of the biggest threats facing businesses these days, no matter their size or what industry they’re in, is hacking – cyber criminals doing all they can to access your networks using the likes of malware and ransomware for their own financial gain.

We’re lucky in the sense that there’s all sorts of technology at our disposal that we can use to protect our business networks, but what companies should also bear in mind is that the weakest link of them all in their defences may actually be their employees.

Accenture’s most recent Cost of Cybercrime study found that cyber criminals are now evolving their methods of attack and are increasingly targeting the human layer through phishing, ransomware and social engineering.

People-based attacks were found to have increased the most, with malware attacks up 11 per cent, web-based attacks up 13 per cent, denial of service up ten per cent and malicious insider attacks up 15 per cent.

As explained in the report, whether it’s with intent or by mistake, employees are often the cause of successful cybercrime incidents.

Insider attacks and the accidental publication of confidential information were found to have the greatest impact across an organisation – but just 16 per cent of chief information security officers say that employees in their companies are held accountable for cybersecurity.

It was recommended that ongoing training and skill reinforcement be provided through the likes of phishing tests, as well as education and the provision of tools and incentives to help staff members define and address risks. But, currently, training people to think and behave with security in mind is still the most underfunded activity in cybersecurity budgets.

“To embed cybersecurity into the fabric of the organization and be effective against any insider threats, organizations must bring together human resources, learning and development, legal and IT teams to work closely with the security office and business units,” it was observed.

Concerningly, a recent report from Forcepoint found that employees may actually be willing to jeopardise your entire operation on purpose, with 14 per cent of European workers saying that they’d sell their work login details to outsiders for as little as £200. And of those who would sell information such as this to outsiders, almost half would do it for less than that.

Even if you believe you have a trustworthy and honest workforce, you would be wise to be on your guard against all forms of cybersecurity threat and in order to tackle internal issues, you could find it beneficial to hold regular awareness programmes for your teams so they know what their responsibilities are, the consequences of cyber attacks and what they need to be on the lookout for.

For help with IT support in Doncaster, get in touch with us today.