A former employee for a company handling flight operations for major automotive companies, deleted critical employment information two weeks after he resigned from his position. According to reports, the employee was upset about being released by the company earlier than he had anticipated.
Statements from the company indicate that the disgruntled former employee was one of only three people who knew the log-in and password information for the firewall that protected the employee data base.
There are a number of ways your company can protect itself from insider or disgruntled employee threats:. Thanks Ron for this wonderful overview of security threats to small businesses. I think a lot of these things are often overlooked by small business owners, and they could save a lot of time and money if they were just a little more proactive in their business security.
Thanx a million Ron for the article it helps lot to learn things. I also saw another article last night where the owner of a huge company lost millions because of an unknown virus. All rights reserved. Share on Flipboard. Share on BizSugar. Email this Article. By Ron Teixeira Over the past two years, there have been a number of high-profile data breach cases involving major corporations.
Here is a summary of the top five threats: 1: Malicious Code. A northeast manufacturing firm software bomb destroyed all the company programs and code generators. Subsequently the company lost millions of dollars, was dislodged from its position in the industry and eventually had to lay off 80 workers. Moreover, ensure that all computer software is up-to-date and contains the most recent patches i. The laptop contained Encryption programs encode data or make it unreadable to outsiders, until you enter a password or encryption key.
A medium-size bicycle manufacturer relied heavily on email to conduct business. To make sure this does not happen to you, instruct all employees to contact their manager, or simply pick up the phone and contact the person who sent the email directly. Be mindful of how you set and monitor their access levels. As you can see for this recent statistic, privilege abuse is the leading cause for data leakage determined by malicious insiders.
Protecting sensitive information is essential, and you need to look inside, as well as outside to map and mitigate potential threats. But have you considered the corporate cybersecurity risks you brought on by doing so? The bright side is that awareness on the matter of BYOD policies is increasing. When it comes to mobile devices, password protection is still the go-to solution.
Overall, things seem to be going in the right direction with BYOD security. But, as with everything else, there is much more companies can do about it. We know that there are plenty of issues to consider when it comes to growing your business, keeping your advantages and planning for growth.
So budgets are tight and resources scarce. It needs funding and talent to prevent severe losses as a consequence of cyber attacks. A good approach would be to set reasonable expectations towards this objective and allocate the resources you can afford. The human filter can be a strength as well as a serious weakness. Educate your employees , and they might thank you for it.
This training can be valuable for their private lives as well. Being prepared for a security attack means to have a thorough plan. This plan should include what can happen to prevent the cyber attack, but also how to minimize the damage if is takes place. Unfortunately, the statistics reveal that companies are not ready to deal with such critical situations:.
If employees bring in their own devices they can also take them home, or traveling, allowing them to work from places other than the office. Allowing employees to bring their own devices to work can present its own problems. However, some businesses embrace BYOD without fully considering the security risks that it may present. Steps such as only allowing access to company networks through a virtual private network VPN , and ensuring employees implement 2FA on all their accounts are definite steps that should be included in such a policy.
As with so many of the issues mentioned on this list, employee education is key: employees need to understand what good cyber security practices are, and the potential consequences for the company if they are not followed.
Originally shared on Medium. Skip to content. People The number one weak link for businesses when it comes to cyber security — by a long, long way — is the people who work in the business. A host of new and evolving cyber security threats is keeping businesses and the information security industry on high alert.
A survey conducted by the World Economic Forum shows that cyber attacks are the number one concern for executives in Europe and other developed nations. They can take down entire websites, steal sensitive information or corrupt entire databases with just a click of a button.
From healthcare institutions to government facilities and online stores, no business industry is exempted from this challenge. Now more than ever, it is important to be proactive in understanding the cyber security risks we face and also learn how to protect our businesses — large or small.
Social engineering attacks use deception to exploit social interactions to gain access to valuable data. The criminals behind these attacks manipulate employees or associates into disclosing sensitive information or bypassing security measures.
Social engineering attacks are on the rise and unfortunately, even the best cyber security systems cannot reliably stop them. The best defence is to educate your employees on the importance of following laid out protocols and to always be on the lookout for out of the ordinary conversations. Many retailers use third parties for services such as payment processing. Unfortunately, using a third party vendor does not absolve you from the responsibility of a data breach on the vendor. Even if an attack originates from a third party, you are still liable and are legally required to notify regulators and your clients not to mention that the fines and penalties are very steep.
This is how many attacks start — outdated software. If you are not up to date with software patches, your company is severely vulnerable to any number of information security breaches. Attackers are actively looking for software vulnerabilities they can attack. Cloud services are now an essential tool for businesses of all sizes. However, this reliance on cloud services exposes businesses to a wide range of cyber-attacks including denial of service attacks DoS and account hijacking.
No technology is completely safe from vulnerabilities and so a holistic approach is important in protecting organisations — including taking up insurance as a part of a cyber-risk management plan.
0コメント