While high profile cybersecurity breaches at Zoom, Equifax, Yahoo and Adobe dominate the headlines, breaches at small businesses fly under the radar. Yet these breaches are often more devastating, even to the point of business failure. Small business and other organizations that never considered themselves targets are becoming victims of credit card fraud, wire fraud and loss of intellectual property. Most of the breaches, if not all, are caused by an insider threat. Insider threat is a threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have information concerning the organization’s security practices, data and computer systems.
Insider threats are often caused by employees that have no intent of harming an organization. For example, an employee receives an email from a customer that she/he may recognize with a link attached containing reports, but the employee does not recognize the minor change in the email. Instead of talking with email@example.com, he is speaking with firstname.lastname@example.org (notice how “e” is missing from original email address). The employee clicks the link and unknowingly forwards the email to the entire organization. What the employee does not know is that the link she/he clicked and forwarded has a malicious virus that will spread throughout the company’s entire network.
Organizations can only do so much to protect against insider threats. It is up to the employee to make sure to follow all the policies and procedures when conducting business online.
Top 3 Ways to Protect Your Organization
- Educate yourself on company policy and procedures when conducting business online
- Make sure to verify emails and be wary of website links and file attachements
- Perform updates regularly or as requested by your expert level IT Management
Make sure to connect with us on LinkedIn and follow us on #cybernetsystems