October is Cybersecurity Awareness Month, and the harsh truth is that hackers continue to turn their sights to the more vulnerable “lower-hanging fruit”, AKA small to mid-sized businesses. The #1 security threat to ANY business continues to be HUMANS. Yes, that’s right! You and your employees are the single biggest threat to the security of your organization’s IT network and data. Human error costs companies MILLIONS of dollars in ransoms, downtime, and legal fees every year from ransomware and other malware, viruses, website spoofing, phishing attacks, and spear-phishing attacks. A good way to protect your company’s assets is to start by addressing the BIGGEST threat. In other words, YES, you must train ALL your employees on cybersecurity awareness and how they can do their part to keep company data out of the hands of cyber thieves. Here’s why you need to train all employees on cybersecurity awareness, along with the top 5 essential cybersecurity tips for your employees.

Why You Need To Train All Employees On Cybersecurity Awareness:

  • "Phishing is the primary method of entry in 90% of cyber-attacks worldwide and many high-profile breaches emanate from a single, successful phish." – PhishMe
  • “Human error is the main cause of 95% of cyber security breaches. In other words, if human error was somehow eliminated entirely, 19 out of 20 cyber breaches may not have taken place at all!” – IBM
  • “On average, only 5% of companies’ folders are properly protected.” – Varonis
  • “An estimated 300 billion passwords are used by humans and machines worldwide.” – Cybersecurity Media
  • “Smaller organizations (1–250 employees) have the highest targeted malicious email rate at 1 in 323.” – Symantec
  • “The cost of lost business [after a cyberattack] averaged $1.52 million” – IBM
  • “The most expensive component of a cyber-attack is information loss” – Accenture
  • “Data breaches cost enterprises an average of $3.92 million.” – CSO Online
  • “Since the pandemic began, the FBI reported a 300% increase in reported cybercrimes” – IMC Grupo
  • “47% of employees cited distraction as the reason for falling for a phishing scam while working from home” – Tessian
  • “On average, hackers attack 2,244 times a day... or every 39 seconds” – University of Maryland

 

The Top 5 Essential Cybersecurity Awareness Tips For Your Employees To Protect Your Network From Disaster:

  1. Watch Out For Social Engineering. In social engineering, hackers use psychological manipulation to trick a victim into supplying sensitive information, and it can come in many different forms. These criminals are banking on gaining your trust so that you let your guard down, so employees must be vigilant and learn how to spot typical social engineering tactics.
  2. Keep ALL Devices And Applications Up-To-Date. Cybercriminals can exploit the vulnerabilities of out-of-date devices and applications and, unfortunately, many employees do not know how important updates are. They tend to look at update notices as annoying rather than necessary. Proper cybersecurity awareness training should remind them that ALL updates are CRUCIAL and must be done IMMEDIATELY to help keep hackers out.
  3. Create Strong Passwords. A single weak password could compromise the entirety of your company’s data, so this goes for EVERY employee. Passwords should be at least eight characters long, should utilize a variety of characters including upper and lower case letters, numbers, and special characters (!@#$%), and should NEVER be reused – and ALWAYS remember to turn on 2FA (two-factor authentication) whenever possible. We get it, it can be hard to remember all those passwords, but using a password manager (such as LastPass or 1Password) helps! Read more about proper password etiquette here: Passwords, You’re Doing It Wrong.
  4. Do Not Access Company Data On Public WiFi. Times are changing, and more and more employees are being given the option to work remotely and while traveling. Sometimes that means needing to use public WiFi. However, this is very unsafe, as there is absolutely NO protection from cybercriminals. The use of a VPN can help keep company data out of the hands of hackers no matter where employees get their work done. We recommend you go the extra mile and use a SASE (pronounced “sassy”), or secure access service edge, which is basically like a VPN that checks security on all data going in and out. Discover What Every Business Owner Must Know About Remote Access Security.
  5. Learn How To Spot An Attack. Most attacks are sent to would-be victims in emails, making it necessary for employees to know what signs to look out for when going through their inboxes. Common “red flags” in malicious emails include scare tactics and intense urgency, vague greetings (“Hello Customer”), incorrect grammar, and spelling mistakes. Also, a good habit is to always hover over links before clicking on them. Hovering over links will tell you where the link ACTUALLY goes, not where you THINK it does. Common attacks include ransomware, malware, viruses, phishing attacks, and spear-phishing attacks.

"We all have a role to play in ensuring our interconnected world will be safer and more resilient for everyone. Empower your friends, colleagues, and family to Do Your Part. #BeCyberSmart" – Cybersecurity and Infrastructure Agency (CISA)

You and your employees are the top cybersecurity threat to your business, with 95% of cyber security breaches being the result of human error. There is a cyber-attack every 39 seconds and a whopping 43% of ALL businesses victimized are SMALL businesses, making it only a matter of time before YOUR organization is hit. That’s why it is CRUCIAL to train your employees (and continue to train them) on cybersecurity awareness. Stop hackers in their tracks and keep your organization safer by training ALL your employees NOW on new, continually emerging cyber-threats, using a SASE-enabled VPN to access company data when working remotely, password best practices, the importance of keeping their devices and applications up-to-date and secure, and how to spot and avoid many different social engineering attacks.

Want Our Help Training Your Employees On Cybersecurity Awareness?

If your business is in the Austin or San Antonio metro areas, has at least 30 computers, and if you need help increasing the cybersecurity I.Q. of your team, then call us and we can help your organization become more cybersecurity-savvy. On this call, we’ll discuss your unique situation along with any concerns you have, and of course, answer any questions you have about us. To request a FREE, no-obligation IT Discovery Call to discuss how we can help your organization do their part and #BeCyberSmart, call us at (833) 229-6023 or go online to www.juerntech.com/15-minute-discovery-call/.