Connect with us

Hi, what are you looking for?

HEADLINES

Human error is leading cause of cybersecurity breaches — study

A new worldwide study cited by leading DDoS Mitigation service provider IPC reveal that a lack of skills among employees is a critical barrier holding enterprises back from implementing threat management more effectively.

IMAGE FROM PIXABAY.COM

A new worldwide study cited by DDoS Mitigation service provider IPC reveal that a lack of skills among employees is a critical barrier holding enterprises back from implementing threat management more effectively.

IMAGE FROM PIXABAY.COM

Conducted by the CyberEdge Group and IPC’s cybersecurity services partner Imperva Incapsula, the 2018 Cyberthreat Defense Report’s 1,200 respondents showed that lack of skilled personnel and low security awareness among workers are the top two barriers that inhibit companies from adequately defending themselves from cyber-attacks.

The study was conducted in organizations with more than 500 employees in countries across North America, Europe, the Middle East, Latin America, Africa, and Asia-Pacific (APAC). Some key findings in the APAC region include organizations in China and Japan leading all respondents in believing that they will be compromised by a successful cyber-attack this year, Chinese companies being the world’s leading victim of ransomware, and the position of IT security architect/engineer being the hardest to fill in Japan, China, and Singapore. 

“Threats are constantly evolving and the chances of being attacked are increasing significantly as enterprises everywhere integrate new web-facing technology into their day-to-day systems. New types of attack methods are always emerging, and a single employee oversight can make or break a company. This study reveals how it is imperative to keep pace with the threat landscape as it evolves and continue educating ourselves on the latest attack methods,” said Niño Valmonte, IPC’s director for marketing and digital innovation. 

Human error, negligence as top risk

The revelation that the lack of employee skills is a main inhibitor to effective cybersecurity is in line with the study’s other findings. When asked on what type of attack companies are most concerned with, the respondents’ answers revealed that the top three are Malware, Ransomware, and Phishing — threats that commonly enter a computer through the negligent actions of the user.

Advertisement. Scroll to continue reading.

These three attacks are often spread through spam emails that contain malicious attachments. Opening the email will end up installing the threat into a computer. What’s more devastating about this is that once installed, most of them are programmed to automatically send themselves to the mailing list of an infected computer, thereby spreading itself further. Other common sources of the top three cyber threats are malicious files hidden inside downloaded files and software, and through a method called drive-by downloading, which occurs when malicious programs are automatically downloaded by visiting an infected website.

“Cybercriminals often use trickery to get people to unknowingly download malicious files. This can be an email with a file attached that tells you it is a receipt for a delivery, a new tool for a web browser, or even a bogus antivirus program that has malware hidden inside. These are just a few examples of how attackers can infiltrate a network that every company and its employees must know about,” said Valmonte. 

Making cybersecurity education a priority

In order to avoid these threats, IPC recommends that businesses conduct constant training in order to instill the right skills, awareness, and the “cybersecurity culture” required in workers to fight against new and evolving threats.

“Cybersecurity education needs to be an integral part of the workplace culture, it doesn’t mean hosting a one-time course or seminar, it means making security a collaborative, continuous cultural initiative that will take up a lot of time but is a good investment in the long run with the fate of a company at stake.”, Valmonte added.

According to IPC, organizations must first ensure that cyber security awareness and organizational security procedures are well established not only through periodic vulnerability assessment of their network and critical systems, but also in the mind-shaping of employees’ right from the induction and training process. In line with this, Valmonte recommends executives and middle managers to foster a culture of workplace security by talking to their respective teams about the following as a start:

Advertisement. Scroll to continue reading.
  • Practices in keeping a computer clean, including sensibly limiting the programs, apps, and data that can be downloaded and installed, and speaking up whenever a computer exhibits strange behavior;
  • Using long, strong passwords that has the combination of uppercase letters, lowercase letters, symbols, numbers, and changing them routinely;
  • Recognizing and deleting email messages with suspicious subject lines and links;
  • Constant and consistent backup of files and/or applications;

“By starting with these steps, a company can already drastically reduce the installation of malicious programs within their network,” said Valmonte.

 

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

This initiative celebrates the innovation and resilience of Filipino entrepreneurs as they drive their businesses toward sustainable growth and success.

HEADLINES

PLDT Global and URNET aim to deliver tailored SD-WAN solutions that enhance network resilience, offer integrated security, and ensure seamless access to cloud services.

HEADLINES

The partnership will enable Converge to leverage FPIP’s dark fiber infrastructure, providing seamless and fiber-fast connectivity to the industrial park’s over 150 world-class locators...

GAMING

The device combines cutting-edge technology and a compact design to always bring next-level gaming and entertainment within reach. Acer’s first-generation handheld AI gaming PC...

HEADLINES

Vyopta brings extensive expertise and infrastructure to turbocharge the development of HP’s Workforce Experience Platform and provide customers with more insights and capabilities.

HEADLINES

Kaspersky has enhanced its Kaspersky Industrial CyberSecurity (KICS), a native XDR Platform for industrial enterprises, and streamlined Managed Detection and Response (MDR) for Industrial...

White Papers

One in three industrial companies encounter regular network problems, with 45% of businesses experiencing them a few times a month, while only 12% of...

HEADLINES

Apple Immersive Video is a remarkable media format that leverages ultra-high-resolution 3D video and Spatial Audio to put viewers in the center of the...

Advertisement