As National Cyber Security Awareness Month (NCSAM) approaches, something to consider is the importance of cybersecurity within your own company. Since January 2015, the FBI announced a 270% increase of identified victims and exposed loss because of Business Email Compromise (BEC) scams.
In a recent security assessment at DigiCert, many employees received emails with strange content. In response, the emails were reported so that appropriate measures could be taken for further investigation. Online security is one of DigiCert’s greatest priorities, and this email assessment was part of the company’s continuing education towards a better awareness for online security.
So, how can a business avoid becoming one of these identified victims? One answer lies within employee education.
Inadequately trained employees can be a weak link in any security landscape if they are unaware of what Internet scams look like. Business emails appear to be a primary target for criminals. Phishing emails breach user inboxes every day and because they often come from legitimate sources, employees often fall into an attackers trap by clicking on malicious links. These links then download malware that expose classified information.
Phishing scams are most successful in the moment an attacker clicks send, before blacklists have time to pick them up. Employees should know how to recognize these scams so they can report the offense as soon as they receive it.
Furthermore, while some employees are aware of the dangers of cybersecurity, 80% admit to engaging in some risky behavior while at work . Risky behaviors include the following:
The challenge then becomes knowing how to prevent employees from posing a risk despite their knowledge of online security.
The suggests a few simple practices for employees to follow in order to implement enhanced security in the workplace:
Keep a clean machine: Apply all company rules regarding program installation on all work computers. Protect the network from unknown outside programs that can breach security and open vulnerabilities.
Follow safe password practices: Make passwords strong by length, mixtures of upper and lowercase letters, and various numbers and symbols. Change them routinely and use password managers, like LastPass, to help keep passwords private and secure. Use spam filters: Educate employees about the use of company spam filters to prevent harmful emails. Do not click on suspicious links or attachments within emails; delete them right away. Back up your work: Set up company computers to automatically back up work assignments or ask employees to do it themselves.
When you educate employees on company policies regarding Internet security, both company credibility and standards are upheld not to mention confidential information remains secure. Conduct regular company assessments and educational opportunities so employees learn how spot potential threats and utilize best security practices. Security best practices will make your company both safe and successful.