The Danger of A Lack Of Cybersecurity Awareness
Cybersecurity awareness is more important today than ever. Companies, in particular, are exposed to an enormous risk of cyber attacks. In 2017, for example, large organizations such as FedEx, Nissan, Hitachi, and the NHS were paralyzed by cyber attacks using phishing emails. 150 countries and 200,000 computers were affected. eBay was also the victim of a cyber attack in 2014, in which confidential information was stolen from over 100 employees and more than 145 million customers. A hacker attack on Kaseya shut down thousands of companies, and the attackers demanded a ransom of $70 million. These are just a few of countless examples that illustrate the danger of a cyber attack.
Cyber Security Awareness In the Company
Every company must therefore deal comprehensively with the topic of cybersecurity. It’s not just about identifying weaknesses in the technology or infrastructure used. Safe handling of this technology is just as important. Employees are one of the biggest vulnerabilities when it comes to cyber security. According to the 2017 Data Breach Investigations Report, more than 90% of cyber attacks can be traced back to human error. A cyber attack has the potential to financially ruin a company or disable it completely. In order to ensure IT security in one’s own company, a risk-aware work culture should be promoted. In the field of IT, this is Cyber Security Awareness.
What Is Cyber Security Awareness?
Cyber Security Awareness is the combination of knowledge and action to protect the information resources of the company. This means that all employees understand what cyber threats are, what potential danger they pose to a company and what measures are required to prevent a cyber attack or minimize the risks.
How Can Cyber Security Awareness be Created?
The first step towards cyber security in a company should always be to check the IT infrastructure and protect it as well as possible. In the best case, the network is protected by a firewall, the clients or end devices by endpoint security, the WLAN by secure access points or an SD-WAN, and the login data by MFA (multi-factor authentication). Anyone who works with the latest security technologies here greatly reduces the risk of a cyber attack.
However, your company’s cyber security is only as strong as your weakest employee. A data breach, which can be extremely expensive for the company and could destroy its reputation, is usually due to human negligence. Therefore, a risk-aware culture should be created in the workplace through meetings, lectures, or training. In particular, the danger of phishing attacks should be expressly pointed out. Alongside protecting the IT infrastructure, training and sensitizing your employees in cybersecurity is the best prevention against cyber attacks.
Best Practice With Reference To Cybersecurity
- Protect your infrastructure with a holistic security concept and new security technologies
- Implement cybersecurity awareness training (e.g. through training courses, lectures, etc.)
- Back up your data (in case your data is lost or corrupted)
Cybersecurity Awareness – Tips for Employees
- Every device that is used in the company or for professional purposes should be protected by a strong antivirus program (preferably EPDR).
- A firewall should be active on all devices/in all networks that are used professionally.
- Virus protection programs, firewalls, and operating systems should be updated regularly (and should not be delayed or prevented).
- Incoming e-mails should always be checked to confirm that the sender is correct and trustworthy. Opening e-mails and attachments or clicking on links should be avoided at all costs if the sender is unknown or untrustworthy.
- The defined data management rules (e.g. which data is stored where) should be strictly adhered to.
- Important data should always be backed up (with a backup).
- All devices that are used for professional purposes should be known to the company’s IT.
- Devices that are used for professional purposes must be protected by an absolutely secure password (a password should be at least 12-15 characters long and contain upper and lower case letters, numbers, and special characters. In addition, a password should never be used twice or written down). Multi-factor authentication is the best option here, so you don’t have to remember countless passwords.
- No third-party portable storage media (e.g. USB sticks) should be connected to devices that are used for professional purposes.
- Unsecured Wi-Fi networks should be avoided.
- The installation of software on work devices should always be approved by the IT department.
- The loss of a device should be reported immediately.
- If a cyber attack is suspected, immediate action should be taken. In any case, the IT department should be informed immediately.
Cybersecurity Awareness – Lecture
Would you like advice on cyber security or a presentation in your company?
Contact us without obligation. We would be happy to contribute to more cybersecurity awareness in your company.