By Mark Mathieson MBA (Technology)
There is a lot of talk about Cybercrime and you would think that awareness is high, however knowing that it exists does not protect you from its consequences.
“Awareness” in this context is being aware of the cyber security dangers but, more importantly, what you should do to avoid them.
According to CompTIA, 63% of Australian organisations have had at least one security incident in the past year but that only 23% rate their cyber security training as extremely effective.
This coupled with Symantec’s finding that Australia is number one for ransomware targets in the Southern Hemisphere (up 141% over last year), is a worrying trend.
65% of hack attacks are the result of Phishing and Malware with people accounting for 90% of incidents. Further, with the average breach taking 205 days to discover, costing $15M and taking 45 days to resolve, Companies cannot afford to be exposed.
In most cases, the risks can be significantly reduced by following some basic rules on many common-sense fundamentals, including:
- Managing your passwords
- Knowing what “bad” looks like
- Stop and think AND THEN STOP (Don’t open, Don’t download)
- Beware of Wi-Fi·
But there are many other topics that are vital and will underpin your understanding of the risks and consequences of poor awareness. These include;
- Tape up your webcam (literally or otherwise)
- Sharing Information safely (when and how)
- Private VPN (what is it and why you need it)
- Escalation (don’t run your PC as an Admin – your options instead)
- Back-up (as opposed to “Involuntary Backup”)
- Update your “Router Thingy” (keeping all your devices up to date and secure)
Effective cyber security awareness training for your people, management and Board is critical in today’s environment – can you afford the risk?