In case you needed more reasons to continuously improve your organization’s information security awareness, does $1 BILLION lost to hackers since October 2013 get your attention?
According to the FBI, corporate account takeover and business email fraud have resulted in $1 billion dollars lost since October 2013…and some of these losses have caused organizations to go out of business.
http://www.wsj.com/articles/hackers-trick-email-systems-into-wiring-them-large-sums-1438209816
Spear phishing and phishing attacks trick people into clicking on a website link or opening an attached file which plants malware inside their network. These attacks are targeting people in your organization and/or people working at your third party service providers. Once the hackers have their malware inside the organization’s network, the hackers can gain access to sensitive information and steal passwords to your email system which allows hackers to create emails that can create wire transfer transactions that look legitimate and your organization is sending money to who knows where!
Connecting the dots…
In the majority of incidents, these very expensive and potentially catastrophic breaches could be prevented if your people had ONGOING:
• Information Security Awareness relating to Internet and Email Usage
• Situational Awareness relating to the latest information security attack methods
• Incident Reporting Awareness relating to how to recognize and report suspicious activities
• Information Security Awareness for all “third party service providers”
• Policy/Procedures Awareness for organization specific roles and obligations for everyone
• Information Security Update Awareness so patches had been applied when available
• And other key “Awareness”
Connecting the dots…
The data is overwhelming and hackers are swarming because the weakest links (people) are still weak links no matter how much software you install on your network….technology does not prevent breaches…people prevent breaches.
https://www.awareity.com/people-cant-prevent-cyberattacksbut-your-people-can-prevent-breaches/ To help Risk Managers, CEOs, Board Members and other executive management understand other weak links, check out this report from Fujitsu which says only 7% of employees rank their organization’s data a higher priority than their personal data. (lack of awareness)
http://www.net-security.org/secworld.php?id=18665
Or a US-CERT report that estimates 85% of all attacks are preventable or a HP Security Research report that found all nine of the most dangerous enterprise vulnerabilities detected in the wild were more than three years old…citing neglect in applying updates and patches. (lack of awareness)
http://techcrunch.com/2015/07/27/neglect-is-still-the-biggest-threat-to-data-security/
Awareness and Accountability are vital to your organization and every individual needs ongoing awareness updates. Awareity (combination of Awareness and Accountability) is helping organizations eliminate their weakest links…take action before you become an FBI statistic or a national headline for your clients/patients to see or an organization that used to be in business…for information click here.