Traditionally firewalls have been considered the edge of a network perimeter, and the first line of defense against cyber attacks. Firewalls, however, can only be as effective as the weakest link in the security chain. Often, the weakest link is on your payroll.
This is especially problematic for small to medium size business who, according to Berkshire-Hathaway, are the target for 62% of cyberattacks:
“The cost of a cyberattack can be devastating to a small-business owner. According to First Data, the average cost of a small-business data breach is $36,000, though it could reach or even exceed $50,000 by the time everything has been dealt with. 60 percent of small businesses who experience a data breach go out of business within six months.”(1)
It is well known that modern cybercrime attacks frequently start with social engineering tactics, such as phishing schemes, targeted against employees. What is less known, is how to effectively prevent these attacks and turn employees from the weakest link into a first line of defense.
Generally speaking, employees are good at heart and don’t seek to expose sensitive information to criminals. However, too often employees aren’t trained to recognize the tactics used by cyber criminals, causing them to become one of the most common and effective targets.
Cyber security training and awareness can be one of the most simple and inexpensive security efforts for an organization, along with high velocity software patching. Some security experts will attest these two categories, if properly managed, will insulate an organization from 95% of the cyber risk exposures.
Addressing your technical controls around network exposures is important, but training your end-users is equally as critical in strengthening your company’s cyber security posture.
Learn more about how RiskAnalytics helps protect the human element of risk.