You’ve no doubt seen at least one of several different versions of Microsoft’s recent cybercrime television commercials. In it you’ll hear a variation of these words: “Every day you read headlines about businesses being hacked and intellectual property being stolen. That is cybercrime, and it affects each and every one of us.” Behind those words are lot of startling statistics that should give every business reason enough to pause and consider just how secure their company’s information may be, and whether they should be doing more to protect it.
The 2016 Cyberthreat Defense Report for North America, Europe, Asia Pacific and Latin America surveyed 1,000 security practitioners and decision-makers in 10 different countries. Here are eight hard-hitting facts revealed in that report (source):
- 76% of responding companies were breached in 2015.
- 62% of them believe a successful attack is likely in 2016.
- 85% spend more than 5% of their entire IT budget on security.
- 86% are committed to evaluating new endpoint security solutions.
- 65% have seen an increase in mobile threats compared to the previous year.
- Malware and spear-phishing appear to be the most common form of attacks.
- The number of companies allowing BYOD is declining.
- The biggest obstacle to security is lack of awareness among employees.
I placed extra emphasis on factoid #8 because it’s really the most important one out of all of them, and the one companies should be focusing on over and above all others. Another survey of more than 700 IT security practitioners by Ponemon Institute, 78% of the respondents said that the biggest endpoint security threat to their organization was negligent or careless employees who do not follow security policies.
Some of the problems are surprisingly simple. You’d be surprised how often people leave work laptops or mobile devices out in the open outside of the workplace, unprotected and unencrypted. Using stronger passwords is another piece of low-hanging fruit in the orchard of cyber-security. But there are many more, and it’s up to each company to know them and educate their employees about them.
Companies can and must do more to make sure everyone in the organization has a good understanding of what they can do to protect company information. If you’re looking for a great place to start, eLeaP has cyber security courses you can implement immediately. Courses include Cyber Security Awareness Part 4: Password Management, Cyber Security Awareness Part 5: Internet And Physical Security, Cyber Security Awareness Part 3: Malware, Cyber Security Awareness Part 2: Social Engineering, Cyber Security Awareness Part 1: Why You Should Care, The General Data Protection Regulation (GDPR) Part 4: Responsibilities Of Controllers Or Processors, The General Data Protection Regulation (GDPR) Part 3: Foundations Of Data Processing, The General Data Protection Regulation (GDPR) Part 2: Five Basic Principles, The General Data Protection Regulation (GDPR) Part 1:, Why GDPR, Cyber Security For Employees
Only when all employees are thoroughly familiar with all the different ways they can inadvertently compromise company information can businesses begin to make headway in reducing the risk of the serious data breaches that cause headaches for everyone. The course concludes with a short post-assessment that, with an adequate score, will award learners with a certificate of security awareness.
Don’t Miss These Essential Tools