These days, it seems most people have a security story. Viruses, malware, hackers, ransomware, all of it is more prevalent than ever before. So, with the increasing number of outsider threats to an organization, the findings in a BetaNews report published last year may surprise you. Do you know what the 187 cybersecurity professionals named as the most overlooked security threat in enterprises today?
That is right, and over half of the interviewees agreed. Although sometimes the activity of insiders may be malicious, often it is because end users are just trying to get their job done and don't understand how risky their behavior is to the organization.
For example:
The point is, that even activities that seem harmless could be the access point for malicious activity and these "small" oversights are costing organizations big money.
A Ponemon Institute published a report based on interviews with 280 IT and cybersecurity practitioners at 54 U.S. enterprises, each with 1,000 or more employees. Each of those enterprises experienced “one or more material events caused by an insider” during the 12 months immediately preceding the survey.
The average cost per negligent employee/contractor incident? $206,933.00 USD. Ouch!
In looking at the security policies and procedures in your organization, do you have anything that is focused on the education of your end users? If not, it is time to start.
To help we have created Your Ultimate Checklist for End User Security. Print it out, put it on the desk of every employee, hang it in the break room, or send it out in your next company newsletter. Or, If you have company specific policies, use this list as a starting point and add your own. Regardless of how you decide to approach security education, the time to start is now. Remember, your security defense is only as strong as your weakest link.