When people walk into the office and log onto their computer, thoughts of deadlines, meetings, and upcoming projects flood their mind. They enter work-mode tunnel vision, and a majority of them don’t have cyber security tactics at the front of their mind.
Damage caused by cyber-attacks cost companies hundreds of millions of dollars.
In 2014 U.S. companies spent more than 800 million dollars on cyber security damage repair according to the Internet Crime Complain Center.
With the rise in cyber-attacks, more and more businesses are investing in different forms of cyber security defenses like buying the latest software and hiring expanding their IT team. The Cyber Crime Survey said that 20% of companies with more than 10,000 employees planned on investing 20% more company funds to raise security investments in 2014. But with the rate that hacking tactics are evolving, investing in software and adding one more cyber security expert isn’t enough.
The Achilles heel in company’s cyber security strategy is failing to communicate to employees the importance of cyber security habits and what to look out for.
According a Forbes article 90% of all company security breaches are from human error, like an employee falling for a disguised email that asks for company information, or using one password for every company account.
Unless an employee consciously tries to adapt cyber security practices in their daily life, the chances of them being actively aware of cyber-attacks at the work place is fairly low. In order to lower a company’s chances of a cyber-attack, the board members and upper management need to instill a cyber-security environment.
Currently 53% of companies are upping their security defenses and have employee security-awareness and training programs, where employees are educated on common forms of company cyber attacks.
While more than half of companies are incorporating cyber attack training, the 2015 pwc cyber security report states that 30% of company board members are not engaged or active in cyber risk strategies. A company’s atmosphere and list of values funnels down from the upper management.
If the CEO and managers don’t put an emphasis on cyber security practices, neither will their employees and their chances of falling prey to a cyber-attack rise.
Companies shouldn’t focus on making every employee a cyber security expert or expect their employees to know technical cyber security strategies. Their main goal should be making employees aware of the organization’s security policy and procedures.
Take your first step to cyber security training and see common ways businesses are hacked in our infographic below!