Factors Driving Employees as Cybersecurity Risks
Securing cyber assets has become a priority to-do job in all business models with the IT department making strides in the same directions. But observations project that most of the efforts are restricted to safeguarding assets from external attacks, whereas, internal attacks make assets equally vulnerable. Most domestic attacks are carried out by employees within the organizations unknowingly. Employees’ being a part of the security system gives hackers an easy gateway to breach central data repository to carry out malicious activities. Businesses opting cloud platforms is one major reason behind the same as employees are veering towards remote operation making them move out of organizations IT security system.
• Lack of Awareness: Usually non-technical employees are not aware of burgeoning threats and methods to combat them. They have no details on cybersecurity measures and factors affecting it. Practices applied by such employees to utilize organization resources, increase the threat attacks.
• Phishing Mails: Old yet effective method of hackers to breach in. Employees with low technical knowledge are the main cohort that gets trapped in the phishing scam. Phishing mails are emails demanding sensitive information and appear to be sent by a legitimate company. Else, they might contain links to a malicious fake website of notable ones and seems very believable one. Signs of phishing mail are not addressing receiver by name, sender’s address is doubtful, typing errors, and persuading one to open provided links. It is advisory to contact IT cell in case of doubts.
• Accessing Unsecured Networks: Public Wi-Fi is the biggest lure for employees, hackers utilize them as bait to trap. Usually, employees operating outside the premise connect mobile devices with public Wi-Fi to carry on with the work giving malware an invite invade organization’s database. Instead, companies must provide them with personal mobile Wi-Fi routers or get paid VPN service activated on the company’s devices to act as an extra layer of security.
• Installing Illegitimate Applications: A common habit where employees install illegitimate software on the company’s device either for organizational use or personal use. Such applications have high chances of being infected with malware. It advisory to cross-check the legitimacy of applications before installing them and only download them from official app stores.
By Chris Tjotjos, VP, Cisco Solutions Practice, Black Box...
By Laura Jackson, Sr. Manager-Risk Management, ABS Consulting
By Jason Cradit, VP of Information Systems, Willbros Group
By Steve Garske, Ph.D., Senior Vice President & Chief...
By Roman Trakhtenberg, CEO, Luxoft
By Renee P Wynn, CIO, NASA
By Mike Morris, CIO, Legends
By Louis Carr, Jr., CIO, Clark County
By Andrew Macaulay, CTO, Topgolf Entertainment Group
By Dominic Casserley, President and Deputy CEO, Willis...
By Dave Nelson, SVP-Portfolio Lead, Avanade, Inc.
By Michael Cross, SVP & CIO, CommScope Holding Company Inc.
By Pauly Comtois, VP DevOps, Hearst Business Media
By Dan Adam, CIO, Extreme Networks
By Matt Schlabig, CIO, Worthington Industries
By David Tamayo, CIO, DCS Corporation
By Scott Cardenas, CIO, City and County of Denver
By Marc Kermisch, VP & CIO, Red Wing Shoe Co.
By Brian Drozdowicz, VP, Digital Services, Siemens...
By Les Ottolenghi, EVP and CIO, Caesars Entertainment