Cybersecurity and the risks of not implementing it on your website.
642 million. In the first half of 2016, the number of compromised accounts include the social media websites of LinkedIn, MySpace, and Tumblr. According to Symantec, phishing attacks in 2015 increased by 55 percent.
There are parts of the dark web dedicated to the sale of hacked passwords, credit cards, and personal information. Like it or not, the bad guys are coming for your data. The problem is so widespread that there are websites dedicated to checking if your account has been compromised.
In the past, security has been [in the corporate world] an IT problem. But, with increased access to the internet, coupled with the multitude of personal devices brought into the workspace, cybersecurity is now everyone’s responsibility.
The majority of all security breaches are a direct result of human error, not a lack of defense. Shared passwords, opening “innocuous emails”, clicking on bad links – all contribute to holes in your cybersecurity armor.
Prevention against apathy & lack of understanding of the problem comes with education.
Explaining the impact of a security breach on employees. In lost man-hours, customer trust & revenue helps make the issue more than an IT problem. Identifying the types of attack vectors will help your employees be aware of what to look for and question suspicious websites, emails & social engineering activities.
The Cost of Cybersecurity
The cost of cybercrime is real & palpable. A study by HP and the Ponemon Institute showed that cybercrime costs a company an average of $15.4 million. There are both direct and indirect costs: loss of intellectual property as well as lost opportunity costs & reputation… not to mention the cost of recovery such as securing vulnerable assets.
Also, legislation has been proposed which could impose penalties for not reporting a cybersecurity breach involving sensitive personally identifiable information.
Limiting your company’s exposure to cyber-attacks starts from the ground up. First, as mentioned above: education, education, education. It is every employee’s responsibility to look out for and be skeptical of things that don’t pass the smell test.
Periodic meetings discussing the different types of attacks, sharing relevant items in the news, and having an open-door policy for reporting unusual activity will help employees identify possible threats.
Be open with employees about cybersecurity attacks
Be open with your employees about attacks that happen – explaining the how and what of the event and then steps taken to remedy the situation. Also, communicate how to prevent similar problems in the future.
Always invite feedback from your employees about security policies and document steps for reporting an incident. It’s important not to discourage employees from raising concerns, even if they turn out to be false alarms.