A breach can happen at any point in time but it is important to mitigate the risk of this impacting your business.
There are many articles on the web about changing passwords, updating systems frequently and being aware of potential phishing attacks to maintain the security of your business. The only thing is; are we reaching the right audience when it comes to these articles?
We know that security experts understand the ins and outs on how to stay secure but the real targets of such an attack are employees who may not be aware that the smallest error could cause a gap in the security of the system.
Find below cybersecurity stats that have been collated from a number of recent studies done in the last two years:
Almost 90% of cyber-attacks are caused by human error or behaviour:
Data can be compromised in the simplest way. From an employee leaving a laptop in a cab or at a café to the device being stolen.
Employee negligence was a factor in two-thirds of the incidents assessed. In fact, external threats, malicious activities and extortion were much less common causes.
Companies need to start providing security awareness training to their staff beyond simply sending an email to them on security. Staff need to understand the importance of following security protocols when required.
Insiders carried out 60% of all attacks:
According to IBM security intelligence index, IBM found that 60% of all attacks were carried out by insiders, of these three-quarters involved malicious intent and one-quarter involved inadvertent actors.
Here are a few examples of how a hacker can break into your infrastructure and use the information in there to his advantage;
An IT admin will have access to the company infrastructure but one small mistake can turn into a catastrophe.
Passwords that are easy to break into, remember it takes a hacker at least an hour to crack a password.
Identity theft is so common these days especially when so much can be found off the internet from social media platforms.
72% of professionals admitted they would be willing to share sensitive or regulated information if prompted:
The above statistic, taken from Dell’s end user security survey, looks unreal but what is even more shocking is that 65% believe that they are responsible to protect confidential data. This only shows that the staff may not be sharing information for any malicious reason but they need to be aware of who they are sharing it with and why? At the end of the day, it is not only protecting the people or the data but also the infrastructure and network of the business.
91% of cyberattacks begin with spear phishing e-mails:
Spear Phishing is now a trending form of attack. It is when the e-mail looks genuine and seemingly from a trusted source but targets individuals who will reveal confidential information inadvertently. 94% of spear fishing e-mails use malicious file attachments and 6% use methods such as malicious links in these e-mails.
43% of cyberattacks are aimed at small businesses:
Small business are targeted by cyberattacks because their security is often weaker due to an inability to invest in enterprise security or they do not take cybersecurity seriously.64% of small businesses have experienced web-based attacks via phishing, social engineering, malicious code or botnets and denial of service attacks.
95% of breached records came from 3 industries- Government, Retail & Technology:
These industries are very popular targets since they have a high level of information about individuals that a hacker can use to his advantage. Businesses need to improve their security planning no matter their size or which industry they are in. If you gather, process or store any kind of customer information, you are responsible in making sure the data is protected.
We do not want to preach about security but we want every individual in a business to practice it. If you would like to speak to our subject matter experts for further advice, call us: 1800 903 552 or e-mail us.