The future IT landscape is scary for businesses of today, but it is certainly not insurmountable. Naturally, as the value of data to people and organisations grows, ransomware attacks, data theft and extortion will also continue to be on the rise. But the threats are not just perpetrated through stealthy backdoor tactics, in fact, according to Verizon’s latest Data Breach Investigations Report (DBIR) the vast majority (82 per cent) come straight through the front door via internal staff and contractors. Unfortunately, for the most part, organisations are not equipped to deal with the threat that employees pose to the ongoing viability of the business, particularly from a talent perspective.
The disruption achieved by the underworld of cyber-attacks has been quite significant over the past five years, and it isn’t likely to slow down any time soon. While we are quickly finding advanced methods of protection and defence against these attacks, businesses are generally not equipping themselves adequately to implement them. Big companies such as banks that understand the value of their data have moved quickly to action what is expected of them to protect it. The problem stems from businesses that aren’t big enough or experienced enough to handle their own security, and don’t have capital to invest in it being managed as a service. It lies in both a lack of technical investment and perhaps more importantly, a failure to address the vulnerabilities exposed by people in the business.
The BIG threat
One of the most common (and perhaps more dangerous) preconceptions is that businesses attract most cyber-attacks from the outside. This couldn’t be further from the truth. The biggest threat is, and always will be, people. No matter how good your security infrastructure, processes and procedures are, employees will always provide the easiest attack vectors. While the technical solutions to the problem are certainly not simple, they can be implemented without too much disruption. However, equipping a company with a healthy culture and standards around cyber security is a challenge that many deduce is too complicated to do anything about. The issue with this is that technical solutions can only go so far to protect your company if you have malicious, or more likely, negligent or ignorant employees with access to business data…Click HERE to read full article.