In 2004 the federal government declared October “Cybersecurity Awareness Month” with the goal of bringing greater awareness to the rising threat of cybercrime across the country. The Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) were formed to lead a collective effort between government and business to increase cybersecurity awareness, especially for small and medium-sized businesses (SMBs).
With a wide range of Cybersecurity solutions available on the market, it’s important to note that security depends on more than just safeguards, policies, tools and equipment, it ultimately comes down to people.
Not only is human behavior one of the biggest risks to a secure network, but understanding typical behavior is vital toward finding and preventing cyberattacks. The decisions individuals make at work, at home, in school or while simply surfing on their phone, can instantly create a cyber problem for a business, sometimes quite obviously and other times, completely unbeknownst to the victim.
This is the reason cybersecurity professionals are now studying human behavior more intently, trying to find new ways to educate and train people to avoid these mistakes. This means making training relevant to today’s environment and implementing security controls that are both effective and easy-to-use, without disrupting workflow or productivity.
Cybersecurity is everyone’s problem to address and it’s going to take a collective effort to keep cyber threats at bay. It is still the responsibility of every SMB to promote the basic cyber hygiene practices:
Even with these best practices in place, criminals always seek the easiest possible path into a network, which is often through employees. They don’t need to hack, sometimes they just need to ask. In research conducted by Trend Micro, 91% of targeted cyberattacks involved spear-phishing emails, or an email that is personalized to the recipient. Compared to a generic phishing email that is sent to many recipients, which only has an open rate of about 3%, a targeted spear-phishing message has an open rate of 70%.
Email isn’t the only risk. In an era of BYOD (Bring Your Own Device), with shadow IT and ineffective security training, reducing risk is an uphill battle. Even when a network is secure, a single mistake by a well-meaning employee can expose it to a breach.
One of the biggest issues in cybersecurity is finding what constitutes a threat. New threats are appearing from disinformation that are tied to geopolitical tensions. As cyber criminals take advantage of high-profile global events and look to influence mass opinion, these bad actors will not only sustain current levels of activity but take advantage of new capabilities as innovative technologies enable more-sophisticated means of attack and deception, think about the power a “Deep Fake” could have if harnessed at the personal level. With global businesses more interconnected than ever, cybercriminals look to capitalize on bigger disruptions, such as targeting supply chains, ubiquitous software, like Kaseya and cloud platforms such as Azure, Google and Amazon Web Services.
As businesses, individuals, and organizations depend more on the conveniences provided by Internet capabilities, the cybersecurity world grows more complex. Cyber criminals continue to develop more complicated and expensive techniques, and cybersecurity experts work tirelessly to mitigate these threats with more advanced software and techniques before valuable data is breached.
Join us in our month-long series intended specifically for the SMB community.
Roark Tech Services is constantly watching the cybersecurity landscape and speaking with global cybersecurity experts to understand the latest threats and safeguards. We know cybersecurity and cybercrime, and remain uniquely qualified to help the SMB community. Always consult with us first.
If you don’t have an IT Partner that you trust knows the unique challenges of your SMB and just how to supply the right level of service and support, we’d love to help. Contact Us.