Reggie Dejean Director of Operations View Bio

Did you know your employees may be your biggest cyber security vulnerability

In response to potential cyber security threats, you’ve enlisted the support of a stellar IT team to batten down the hatches. While this is noble preparation for minimizing a cyber intrusion, your biggest cyber security vulnerability may still be at large. That’s because cyber criminals are known to tap unsuspecting employees as willing or unwilling participants. In recognition of October as National Cyber Security Awareness Month, here’s a rundown of potential ways employees contribute to your company’s cyber security woes:

  • Opening email attachments. Curiosity can get the best of even the most savvy employee when they open legitimate-looking, unsolicited emails and click on links or attachments. These links often download malware that allows access to computers and data files.
  • Responding to ‘phishing’ communications via phone calls or paper mail. These communications entice employees into interactions that open the door to sensitive data. For example, employees may receive calls or fake invoices requesting account details or credit card numbers to pay for alleged services, consequently opening up a data breach or allowing an account hack.
  • Visiting malicious websites. Employees may surf the net for business or personal reasons and land on a compromised website. While there, they may download infected material that exposes your system to malware and cyber intrusion.
  • Posting too much information on social media. Some employees inadvertently share sensitive business information on social media sites. Cyber thieves troll these accounts and lift information that facilitates further hacks.
  • Installing and using unauthorized software and programs on work computers. Despite policies that mandate the use of authorized software only, employees may see no harm in installing their favorite programs to get work done. If your IT team is unaware of such software, proper maintenance is unlikely, which opens the door to cyber intrusion.
  • Placing sensitive information on mobile devices, including jump drives, laptops and mobile phones, to facilitate working at home or on the go. These devices can be lost or stolen, which account for a significant number of data breaches. Also, employees who use jump drives on home computers create cyber threats if computers contain outdated software or are already affected by malware.

Dealing with employee vulnerabilities requires a comprehensive training and education program, which will increase employee awareness of actions that can cause irrevocable harm to your small business. With limited resources and systems in place for protection, you may need outside support. Our firm has qualified in-house cyber insurance professionals who specialize in helping companies identify risks. We provide potential solutions for risk mitigation, including various cyber insurance products.

, ,