Have you thought about the hardest threat to detect?
Through clever detection and prevention software, companies are able to detect when an outsider attempts to access their data either physically or electronically and mitigate these malicious attempts. Whilst many companies invest time & resource into keeping their information out of the hands of outsiders, they tend to forget the real threat which could cause the most damage; their employees…
The Human Factor
The rise of social media & ‘bring your own device’ (BYOD) has had a huge impact on the human link of the security chain – giving attackers more ‘surface area’ to launch attacks. Also considering we are so dependent on technology – it is surprising how ignorant we are of how this technology works & the constantly evolving threat landscape.
Attackers exploit this human weakness – using malware (i.e. viruses, fake websites) & social engineering techniques (such as tricking you into revealing personal information by pretending to be someone you know). Did you know;
- 91% Brits using social media at least once a week have been asked to connect online with someone they have never met, 51% have accepted these requests.
- 63% websites distribute malware** (even legitimate ones!).
- Mobile malware is increasing, with 32% mobile threats stealing information **
Digital Criminal 2012: Cyber Safety report
** 2013 Internet Security Threat Report, Volume 18
Insider Threat: An employee has the company’s trust, know the systems and know the flaws and weaknesses of these systems allowing them legitimate access to critical data. If they decide to steal or corrupt data for a variety of motivations the consequences could be just as bad as if it was in the hands of an outsider. Plus these threats are harder to trace!
The Centre for the protection of National Infrastructure (CPNI) analysed 120 UK based companies insider threat incidents. The ‘CPNI Insider Data Collection Study’ found that…
- 88% of insider threats were performed by permanent staff.
- 76% of cases were self-initiated rather than a result of deliberate infiltration (6%).
- Poor security culture was often found to exist in the department where the insider workedDigital Criminal 2012: Cyber Safety report.
Education & Awareness -the Human Anti-Virus?
We think so. With the phenomenal growth in both cyber opportunities and cyber risks in all Industries, there is an acute shortage of cyber security skills and understanding at every level. One of the most effective counter measures is education, i.e. knowing what to look out for, for example dubious email attachments, online friend requests or suspicious behaviour.
It is not only us, however, that thinks education is vital in order to ensure that the UK continues to be a safe place to do business in cyberspace. – The UK Cyber Security Strategy states that, ‘Building the UKs Cyber security knowledge, skills & capability,’ is one of its top 4 objectives.
Templar executives is passionate about Cyber Security training – that is why we have launched the Cyber Academy, so that employees can enhance their Cyber Security awareness to maximise their potential and to help bridge the knowledge gap, protecting UK PLC & equip them with the confidence to exploit the huge benefits that cyber space has to offer.
The Cyber Academy offers a unique and comprehensive Information Assurance and Cyber Security training programmes Delivered by a team of Templar specialists, The Cyber Academy combines knowledge and application of learning through engaging methodology and using case studies, real life scenarios, assessments and expert keynote speakers from both the private and public sector.