Sun Tzu once stated: “The supreme art of war is to subdue the enemy without fighting”, and two and a half thousand years later his words still stand the test of time. Today that ancient ideal is being applied on the most modern of battlegrounds: the fight against cyber-crime.
To tackle both malicious and accidental data loss, organizations need preventative technology in place. However, the real key to mitigating the damage of cybercrime is to educate the workforce on the various dangers they pose to their firm, whether accidentally sharing sensitive data with unauthorized personnel or opening a seemingly innocuous document that starts a ransomware attack. By training employees to recognize potential data breaches and security issues, firms can be prepared for an attack and able to take immediate steps to minimize its impact.
‘Know Thy Enemy’
As a starting point, employees need to have a good understanding of the systems that hold and store sensitive data within the company and of their responsibilities for securely processing and sharing critical information. A well-trained employee should be able to answer the three data security questions, ‘What’, ‘Where’ and ‘How’:
- What data is considered valuable to the business (and therefore to cybercriminals)?
- Where is this valuable data stored?
- How might this data be targeted?
If an employee can answer these three questions, they will be much better equipped to prevent attempts by hackers to extract valuable information. For example, employees will be more suspicious of a spurious request for sensitive information, or for access to a system that contains it. It is commonly regarded as easier and faster to teach employees what they need to protect than to teach them who they need to protect it from, although the second approach helps to build a security-conscious culture, which results in an improved organizational security posture.
‘Once More Unto the Breach, Dear Friends, Once More’
The ways in which a data breach may occur, and its warning signs, vary from industry to industry, but there are a few recurring symptoms. While a user is unlikely to notice a slower Internet connection, they can notice failed logins or an unexpected time of last login. Many applications report this, but users overlook it. A cyber-criminal may try a harvested password just once, and that single attempt is something the user can spot. Of course, if a user is locked out of an account, that is instantly obvious and should be reported as a potential incident, rather than being attributed to the usual presumed cause of mistyping the password a number of times.
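The signals named above (failed logins, the time and source of the last successful login, and lockouts) are exactly what an application's login history or an authentication log records. The following is an added example, not code from the article or from Clearswift: it parses a small constructed authentication log in an assumed format, builds the per-user "last login" view a user could be shown, and flags two patterns from the paragraph: a success from an address the account has never used, immediately after a single failure from that same address, and an account lockout, which should be treated as an incident rather than a forgotten password.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample log (not from the article). The line format is an assumption:
# "<ISO timestamp> user=<name> result=<success|failure|lockout> ip=<address>"
SAMPLE_LOG = """\
2019-03-31T09:00:00 user=bob result=success ip=10.0.0.7
2019-04-01T08:02:11 user=alice result=success ip=10.0.0.5
2019-04-01T08:15:40 user=bob result=failure ip=10.0.0.7
2019-04-01T08:15:55 user=bob result=success ip=10.0.0.7
2019-04-01T23:41:09 user=alice result=failure ip=203.0.113.9
2019-04-01T23:41:20 user=alice result=success ip=203.0.113.9
2019-04-02T07:58:03 user=carol result=failure ip=10.0.0.9
2019-04-02T07:58:30 user=carol result=failure ip=10.0.0.9
2019-04-02T07:59:01 user=carol result=failure ip=10.0.0.9
2019-04-02T07:59:02 user=carol result=lockout ip=10.0.0.9
"""

LINE_RE = re.compile(r"^(\S+) user=(\S+) result=(\S+) ip=(\S+)$")


def parse_log(text):
    """Turn log lines into (timestamp, user, result, ip) tuples; unparseable lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ts, user, result, ip = m.groups()
        events.append((datetime.fromisoformat(ts), user, result, ip))
    return events


def login_summary(events):
    """Per-user 'last login' view: when and from where the last success came,
    how many failures have happened since, and whether the account is locked."""
    summary = {}
    for ts, user, result, ip in events:
        s = summary.setdefault(user, {
            "last_success": None, "last_success_ip": None,
            "failures_since_success": 0, "locked_out": False,
        })
        if result == "success":
            s["last_success"] = ts
            s["last_success_ip"] = ip
            s["failures_since_success"] = 0
        elif result == "failure":
            s["failures_since_success"] += 1
        elif result == "lockout":
            s["locked_out"] = True
    return summary


def flag_suspicious(events):
    """Return (user, reason, ip, timestamp) tuples for the two patterns:
    - new_ip_after_failure: a failure then a success from an address the user has
      never logged in from before (one tried password, corrected on the second go)
    - lockout: the account was locked; report as an incident, not a typo."""
    flags = []
    known_ips = defaultdict(set)   # addresses each user has successfully used
    last_event = {}                # most recent (result, ip) per user
    for ts, user, result, ip in events:
        prev = last_event.get(user)
        if result == "success":
            if prev and prev[0] == "failure" and prev[1] == ip and ip not in known_ips[user]:
                flags.append((user, "new_ip_after_failure", ip, ts.isoformat()))
            known_ips[user].add(ip)
        elif result == "lockout":
            flags.append((user, "lockout", ip, ts.isoformat()))
        last_event[user] = (result, ip)
    return flags


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    for user, s in login_summary(evs).items():
        print(user, s)
    for f in flag_suspicious(evs):
        print("FLAG", f)
```

Bob's failure-then-success comes from an address he has used before, so it is not flagged; Alice's comes from a never-seen address late at night and is; Carol's lockout is reported regardless of the cause. In a real deployment the same rules would run over the application's own login-history table, and the "new address" check would normally be widened to a new network or geography rather than an exact IP match.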
For those dealing with invoices, there are also warning signs. It might not be as blatant as ‘pay this bill into this account’, but rather a request to change bank account details, so that when the supplier next submits an invoice, the payment is redirected to the cybercriminal’s account. Changes to account details always need to be verified using a pre-existing or known contact. Training staff to look closely at the email addresses in the message itself is also good practice, as more often than not a phishing email will show up discrepancies.
Links to files for download should always be treated cautiously. For those in HR looking at candidate resumes, the fact that a file appears to be hosted on a trusted website does not mean it should be trusted. Cybercriminals understand that an emailed attachment might not be opened, whereas one pulled from Microsoft OneDrive will be. Helping employees understand how they might be exploited by cybercriminals and social engineering is very important.
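The "look at the email addresses in the message itself" advice for bank-detail changes can be turned into a mechanical check that runs before a person sees the request. The following is an added example, not code from the article or from Clearswift: it assumes a small constructed address book of known supplier contacts and, for a given From header (and optional Reply-To), reports the discrepancies a trained employee would look for: an address that is not the known contact, a lookalike domain built from visually confusable characters, a display name that claims the supplier while the address points elsewhere, and a Reply-To that quietly differs from the sender.

```python
from email.utils import parseaddr

# Constructed address book (assumption, not from the article): the only mailboxes
# from which a change of bank details for this supplier should ever be accepted.
KNOWN_CONTACTS = {
    "accounts@acme-supplies.example": "Acme Supplies",
}

# Characters commonly swapped to build lookalike domains (0 for o, 1 for l, rn for m ...).
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def normalise(domain):
    """Collapse common confusables so a lookalike normalises to the genuine domain."""
    return domain.lower().replace("rn", "m").translate(CONFUSABLES)


def check_sender(from_header, reply_to=None):
    """Return a list of human-readable discrepancies; an empty list means the
    request came from a known contact with nothing odd about the headers."""
    name, addr = parseaddr(from_header)
    addr = addr.lower()
    domain = addr.rsplit("@", 1)[-1] if "@" in addr else ""
    known_domains = {a.rsplit("@", 1)[1] for a in KNOWN_CONTACTS}
    reasons = []

    if addr not in KNOWN_CONTACTS:
        if domain in known_domains:
            reasons.append(f"unknown mailbox {addr} at a known supplier domain")
        else:
            lookalikes = [kd for kd in known_domains
                          if kd != domain and normalise(domain) == normalise(kd)]
            if lookalikes:
                reasons.append(f"lookalike domain {domain} resembles {lookalikes[0]}")
            else:
                reasons.append(f"sender {addr} is not in the supplier contact list")

    # Display name says "Acme Supplies" but the address is not Acme's known mailbox.
    for known_addr, known_name in KNOWN_CONTACTS.items():
        if known_name.lower() in name.lower() and addr != known_addr:
            reasons.append(f"display name '{name}' claims {known_name} but address is {addr}")

    # Replies would go somewhere other than the apparent sender.
    if reply_to:
        _, rt = parseaddr(reply_to)
        if rt.lower() != addr:
            reasons.append(f"Reply-To {rt} differs from From {addr}")
    return reasons


if __name__ == "__main__":
    for hdr, rt in [
        ("Acme Supplies <accounts@acme-supplies.example>", None),
        ("Acme Supplies <accounts@acrne-supplies.example>", None),   # 'rn' for 'm'
        ("Acme Supplies <accounts@acme-supplies.example>", "billing@mail-relay.example"),
    ]:
        print(hdr, rt, "->", check_sender(hdr, rt) or "OK")
```

Even when this check passes, the paragraph's rule still applies: a change of bank details is confirmed over a pre-existing phone number or contact, never by replying to the email that requested it. The check only makes the obvious discrepancies visible before anyone acts.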
In the event of a security incident or data breach, the most important thing is to establish a clear line of communication for raising the alarm and then to follow a well-known process through to resolution. Employees need to be encouraged to report perceived threats to a supervisor or the IT department, who can then rapidly differentiate between real breaches (including mistakes) and false alarms. The breach notification chain may vary from organization to organization, but what is essential is that a solid process is established and that employees are educated on what to do in preparation for such an event.
‘By Failing to Prepare, you are Preparing to Fail’
While employees should be central to an organization’s cyber defense program, they also need to be supported. Businesses should incorporate tiered security solutions to ensure that an employee who does make a mistake does not compromise critical data. Clearswift’s Adaptive Data Loss Prevention solution ensures accidental data breach risks are caught before they leave or enter the corporate network, mitigating the risk.
Employees may be one of the greatest threats to a firm, but if trained correctly, a firm’s workforce can also be its greatest defense: a cohort of threat-aware defenders against potential breaches.
This is a Security Bloggers Network syndicated blog from Clearswift Blog authored by Bianca.du.Plessis. Read the original post at: https://www.clearswift.com/blog/2019/04/02/fighting-war-home-how-your-employees-are-your-greatest-asset-battle-against-data