Do you consider yourself to be generally optimistic or pessimistic?
Positive or negative? Or maybe you’re simply cautious and realistic?
Generally, it’s fair to say that the vast majority of people like to think of themselves as positive – it’s one of humanity’s greatest traits after all.
At The Defence Works, we understand that people’s greatest personal asset – their positivity – can also be their biggest weakness when it comes to cybercrime and security and, as such, can pose a threat to your organisation.
Cyber criminals are aware of the largely optimistic approach of ‘Joe Public’ and hence this is exactly what they prey on – focusing on the general open minded and optimistic nature of your employees and manipulating this in to becoming a vulnerability.
Ultimately, it is through a lack of understanding of the risks that mean people engage in precarious behaviour, which in turn can leave your organisation exposed to malware and ransomware, as employees may click on seemingly ‘safe’ attachments. Regrettably, incidents of ransomware and malware have soared in recent years, as many of our employees are simply not trained to think sceptically about apparently neutral mail.
We’re not advocating that we should all continue life as a self-proclaimed pessimist, one who always views the glass as half empty, being suspicious about every twist and turn but, instead, we all have a duty to begin developing a positive security culture within our organisations. It’s most definitely not a case of suppressing positivity but, instead, recognising how criminals are preying on employees as a way to bypass traditional security measures. It’s only through an increased awareness that employees can truly understand the risks and proceed with a more cautious approach.
It’s common place to conduct suitable reference checks and screening on new employees, yet there is a general lack of risk management when it comes to security awareness training of those employees. Organisations recognise that hiring the wrong people can pose a threat to them and that this risk can be mitigated through employee screening, yet it’s hard to deny that cyber-crime and fraud poses an even more significant threat – as employees are an ongoing vulnerability.
It’s time to start mitigating the risks posed by employees not just prior to them joining your organisation, but throughout their time working with you. Security awareness training does just that – ongoing employee risk mitigation – easy, accessible and very cost-effective.
Being well-informed and developing best practice is far removed from being a pessimist or negative – it’s a positive step toward a stronger and more secure future.
Subscribe to the Proofpoint Blog