The Breach Within – How to Address the Risk Employees Pose to Your Cybersecurity

 Cybersecurity and Employees

Cyber attacks aren’t new, but the frequency and associated costs are growing. As a result, there’s an increased focus on hardening endpoints and reducing security weaknesses. However, your employees play a key role in cybersecurity.

Workers can be both the cause of cyber incidents and the means of prevention. Explore the challenges businesses face, including methods used by cybercriminals, then get tips to manage and reduce threats.

The Cyber Threats Within Your Company

While large cyberattacks make headlines, smaller companies are often the target. Indeed, a 2020 Coveware quarterly ransomware report says, “ransomware remains a predominantly ‘small business’ problem. 55% of total enterprise attacks took place on companies with less than 100 employees, and 75% of attacks occurred on companies with less than $50 million in revenue.”

In addition, the “2019 Global State of Cybersecurity in Small and Medium-Sized Businesses” (SMBs) commissioned by Keeper and conducted by Ponemon Institute finds, 66% of surveyed SMBs underwent a cyberattack in the past 12 months.

Unfortunately, this same study notes that the “top data breach root cause in the US is employee negligence.” In fact, their survey finds “63% experienced a data breach caused by a negligent employee or contractor.”

In many cases, employee-caused cybersecurity incidences are preventable. Yet, employers relying on hybrid or remote teams may face additional challenges.

Hybrid or Remote Workforce Challenges

The pandemic and subsequent business closures pushed employees into remote work. Companies turned to virtual private networks (VPNs) to keep teams connected, and ZDNet says enterprise VPN use is up by 33%.

Others used remote desktop protocol (RDP) to fill the work-from-home void. Accordingly, RDP use increased 41%. But, securing new endpoints isn’t easy. The “State of SMB Cybersecurity in 2020” from ConnectWise notes, “79% of SMBs are worried about their remote devices or remote employees being breached.”

Consequently, 42% say they’re investing more in cybersecurity because they have more remote employees than in prior years. However, cyber-attacks occur regardless of where your staff works. The tactics take advantage of your employees’ trust and natural inclinations for clickbait.

Methods Used by Cyber Criminals

Along with remote desktop intrusions, email phishing and compromised accounts pose some of the most significant problems to your business.

Sophos 2021 Threat Report finds, “the majority of security incidents involving cloud computing came down to two primary root causes: stolen or phished credentials, or misconfigurations that led to breaches.”

Phishing and social engineering scams consist of realistic-looking emails or websites with malicious attachments or links. These can be from a vendor email compromise (VEC), where attackers control a vendor’s account or impersonate an email address. It appears as if the email is coming from a current vendor or customer.

In addition, a business email compromise (BEC) takes place when a seemingly internal email requests money or confidential data.

Employee Cybersecurity: Prevention and Protection Tips

The best first steps you can take are to invest in comprehensive antivirus solutions and work with a managed service provider (MSP). Meanwhile, perform regular security assessments and offer in-depth employee training sessions. Below, we explore five ways to inform teams and reduce threats.

1. Set Device and Internet-Use Policies

Employees need guidelines for accessing social media, email, and the internet. Add the rules to your company’s handbook, go over them during the onboarding process, and refer to them often. Polices should discuss:

• Acceptable use cases for internet or social media browsing on company-owned devices
• When and how to lock screens and log out from devices
• Restrictions on software or app installations
• How to report lost or stolen devices
• Who to talk to about suspicious activity or emails

Workers often worry about disclosing lost equipment. Or they receive an odd email and delete it but don’t report it. While it’s important to set and enforce rules, employees should feel comfortable going to a supervisor or contacting IT when something seems off or goes missing.

2. Emphasize Password Security

Poor password practices put company, employee, and customer data at risk. Yet, Keeper notes that 54% of companies have “no visibility into employees’ password practices.” Moreover, “70% of SMBs report that their employees’ passwords have been lost or stolen in the past year.”

Along with advising workers on how to create strong passwords, give them the tools to do so. Password management programs help staff save details for logging into all work-related applications.

Multi-authentication tokens or apps also reduces risk and will require staff to verify their identity before accessing a program.

3. Ensure Email Best Practices

Many employers add a reminder to every external email, prompting recipients to take extra caution. However, even these notes can be spoofed by bad actors. In addition, it won’t necessarily protect staff from emails that look like they come from internal team members.

First, employees should inspect the sender’s email address or domain address. Unrecognized senders or domains with numbers at the end could be a phishing attempt. Spelling errors, links to change passwords, or requests for payments are also warning signs.

The best thing workers can do is to reach out to a supervisor or IT department. Don’t reply to the email. Instead, call or send a message before completing any action.

Also, encourage users to avoid clicking on any links from social media sites, such as LinkedIn. It’s better to go to the channel to read the actual messages or notifications by entering the web address in a browser.

4. Provide Regular Cybersecurity Training

All of the above tips have one thing in common — employee training. It starts at hiring and should be ongoing, as repetition is critical to forming good habits. Keeping teams aware of security threats and procedures to follow is essential.

Courses should come in several forms, from in-person events to mobile-friendly and interactive sessions. Go over information, such as:

• Data protection rules, including regulatory and legal obligations
• Information and examples detailing the latest scams
• Training modules on web browsing, social media use, and email security
• Ways to secure mobile devices, such as cell phones and tablets
• Remote work security checklists for virtual workers

5. Choose the Right Cybersecurity Tools

ConnectWise shows “71% of SMBs have only foundational cybersecurity protections,” such as firewalls or antivirus software. Furthermore, only 47% use advanced endpoint protection, and 53% leverage advanced network protection. At the same time, 52% “lack the in-house skills necessary to properly deal with security issues.”

Without protective and preventive measures in place, your on-site and remote devices aren’t fully protected. All devices and locations should use advanced security tools that are updated automatically. Anti-malware scanning examines email attachments, servers, portable media, and web traffic. Comprehensive systems also support endpoint monitoring and let your IT team remotely wipe devices.

Additionally, operating systems and software must use current versions with regular patches. Routine vulnerability scanning and system auditing help your IT department prioritize tasks. In many cases, partnering with an MSP can help you cover your bases without stretching your IT resources.

Take a Proactive Approach With Help From Your Employees

Employees who take an active role in cybersecurity make fewer judgment errors, form good habits, and improve their company’s security. Give your teams the information and tools they need to identify and prevent cybercrime.