Employee negligence could be your biggest security risk

The risk of cyber criminals is no match for the danger of human error.

According to a 2018 State of the Industry Report conducted by document security company ShredIt, employee error accounted for a whopping 71 percent of data breaches reported by the small and medium-sized businesses (SMBs) surveyed.

Unfortunately, employees tend to take cybersecurity requirements too lightly, and their organizations don’t spend enough time educating them on its importance. Untrained employees ultimately become one of the biggest security vulnerabilities to every organization's cyber safety.

Employee error can arise in many forms, such as clicking an unfamiliar link, accidentally downloading ransomware, or interacting with malicious emails. So, it is important that every organization is prepared to prevent and remediate potential damage.

BEC cautionary tale

A client of ours in the hospitality industry fell victim to business email compromise (BEC) as a result of an employee overlooking a potential security risk. While the company’s CEO was out of the country, an employee received an email from a spoofed account requesting a large money transfer. Without hesitation, the employee sent over company funds, under the impression that it was being received by the CEO.

Unfortunately, this company never got their money returned. However, after the attack, the company's IT manager reached out looking for recommendations to deal with these malicious emails and educate employees on security protocols. Datalink Networks' expert engineers can scan the active directory for threats, suggest a security plan, and help implement top-of-the-line security products.

Organizations, both large and small, regularly get caught in this trap. According to a 2018 report from Osterman Research, phishing attacks infected the systems of nearly 30 percent of the organizations surveyed. An additional 18 percent of the organizations were victims of CEO fraud or BEC.

Minimizing risk

Reduce your company's risk of experiencing these damaging cyber-attacks. As a leading managed service provider specializing in managed security, our prevention recommendations are:

• Educate your employees to recognize everyday email security risks. You can easily bridge the training gap by implementing an immersive training program like Barracuda PhishLine to bring your staff up to date on potential threats and risks.
• AI solutions are your friend – Barracuda Sentinel's multi-layered artificial intelligence solution detects real-time phishing, BEC, impersonation attempts and more, before they reach your users.
• Manage user identity– Barracuda's Web Application Firewall gives you the power to customize user authentication rights, build comprehensive access control policies, and gain access to user trails for audit and compliance purposes — all while protecting your data from web app vulnerabilities. And it can be implemented on-premises, in the cloud, or as a service.
• Network security scans– Take advantage of Datalink Networks’ complimentary security assessment to pinpoint your top-five vulnerabilities and chart a course to mitigate them.

Finding the right expert support, such as the support available through our team here at Datalink Networks, is your first step in adopting a stronger security plan. You can never be too prepared. Ensure your organization's cyber safety by eliminating employee risk and getting the necessary solutions in place.

Free Report: Get the latest research on spear-phishing threats and trends