User Awareness

Cybersecurity is Everyone's Business

Educating Employees About User Awareness Gives the Best Return on Cybersecurity Dollars

Where do you think the number one threat to cybersecurity for New York businesses comes from today? Russia? North Korea? ISIS? In fact, the greatest threat to your cybersecurity is from within your own organization. We’re not talking about disgruntled employees, either. These are hard-working, well-meaning staff who click on the wrong link or open the wrong email attachment, essentially inviting the hackers in. It comes down to one thing: a lack of user awareness.

User Awareness Training from CompCitiA Wall Street Journal article in September 2017 reported that 91% of cyber attacks begin with a “phishing” email. This email, which is usually disguised to be from a legitimate source such as a bank or even a colleague, directs the receiver to click on a link. If the employee falls for it – and it only takes one out of all your employees to fall for it – suddenly cyber criminals have a direct gateway to all your sensitive data including customer information, sales, and more. 

One famous cautionary tale is how cyber criminals attacked Target “through the air conditioning.” An employee of one of Target’s HVAC sub-contractor opened a phishing email while that company’s system was connected to the retailer’s systems. With one click, he opened the door for hackers allowing them access to the personal information of 110 million Target customers.

Cybersecurity is Everyone’s Business

Cybersecurity is everyone’s business including employees. Just as they are taught how to use pass keys, pass codes, and other secure systems, cybersecurity user awareness should be routine training for all members of your organization. However, employees are still the weakest link in cybersecurity for the average organization in New York.

A Verizon 2017 Data Breach Investigation Report revealed just how widespread the problem is:

  • 81% of all hacking related breaches used compromised credentials
  • 15% of phishing attack victims fall victim second time
  • 95% of phishing attacks were followed by some form of software installation
  • 75% of individuals use same passwords for different accounts

User awareness training is the best way to reduce these numbers.

User Awareness Training a Cornerstone of Any Cybersecurity Program

The Verizon study reveals just how important user awareness is to an organization. One of the easiest ways to vastly improve your in-house cybersecurity program is to properly train employees on the dangers of cyber threats through annual training and reminder sessions/memos. Topics should include:

  • Malicious websites – how to identify and avoid them
  • Phishing/spear phishing – what it is, and the importance of not clicking on links
  • Secure and strong passwords – including the importance of not using one password for multiple uses
  • Public WiFi dangers
  • Mobile media and their security risks
  • The importance of updating device software regularly
  • Ways to improve data security and reduce the risk of breaches
  • How to report a breach

To this last point, companies are moving away from punishing employees who do report breaches. This is because an employee is less likely to report a breach or may delay in reporting a breach if he or she believes there may be consequences such as disciplinary action or even dismissal. On the other hand, rewarding employees who report potential cybersecurity threats encourages employees to report them faster. This in turn could minimize damage to your organization.

Here are a few organizations working on spreading the culture of cybersecurity by providing free resources on cybersecurity and user awareness:

Small Business Administration (SBA) https://www.sba.gov/learning-center

NCSA – National Cyber Security Alliance https://staysafeonline.org/stay-safe-online/

DHS – Department of Homeland Security https://www.dhs.gov/publication/stopthinkconnect-small-business-resources

CompCiti Business Solutions, Inc.Contact us for a free cybersecurity assessment

CompCiti User Awareness Training – Reduce Your Risks of Cyber Attack

If your organization is based in New York City, contact CompCiti for a Free Cybersecurity Assessment, and to find out about our User Awareness Training programs. We have all the latest information on the malicious ways cyber criminals are tricking employees, how to spot potential danger, and what to do to reduce your organization’s risk of cyber attack. It’s an easy and effective way to train your employees with the latest information and the least hassle for you.

Find out why CompCiti is one of the most trusted cybersecurity, cyber management, and networking companies in New York. Then Contact Us to start your free cybersecurity assessment.

CompCiti Google 5-Star Rating

Contact CompCiti

Find Out How CompCiti Can Increase Your Cybersecurity and Keep Your Company Safe