Why Employees Might Be Your Best Defence Against Today’s Cyber Threats
In our Zoom for Thought on June 30th, 2020, UCD Discovery Director Prof Patricia Maguire spoke to Tom Keating (pictured),VP of Engineering & Belfast Site Leader, Proofpoint, asking “Are employees your best defence against today’s cyber threats?” In case you missed it, here are our Top Takeaway Thoughts.
The weakest link
Cyber attacks start with people so your cybersecurity should too. Email is the “number one threat factor” so always “pause for thought” before clicking on links or attachments in emails. “Human beings are drawn to click those links and that’s why we take a human-centric approach to cybersecurity; because they are the weakest link for getting into an organisation”.
Employees should have cybersecurity training that gives them “a healthy paranoia”. Cybercriminals are “very, very smart people” whose emails containing malware are “very scripted and very well targeted”. When in doubt, ask for a second opinion before you “click something or take some action that could provide a compromise”. Even if the sender is a trusted colleague but the content is strange, check with them in the real world; their email account may have been hacked.
Don’t presume you are not worth hacking. Anyone can be targeted, even if you think you have no access to valuable assets, funds, secrets, intellectual property or data. Cyber criminals might be after “information about someone you know - and they’re using you as a stepping stone”.
Hacking our habits
Since the Covid-19 pandemic we have been shopping online and streaming TV in our millions. Observant hackers are now “...sending emails to fool people into thinking they are from Netflix or Disney+ or Apple TV - whatever the case may be.”
Cyber crime is constantly evolving. “There is no silver bullet solution where we can say, ta-da!” As attackers change and adapt, security providers must too. “It’s almost like an arms race per se.” Proofpoint protects companies, organisations, their IP, data and intellectual property. “The nice thing is you’re protecting people.”
Many companies have “gone to the wall” as a result of cybercrime - and the criminals didn’t even need to empty their bank accounts to do it. “Actually [rebuilding] reputation is one of the biggest problems.” If your clients’ private information is compromised, they may feel that “you didn’t take the appropriate checks or take seriously protecting our data”.
How safe is the cloud? “If you are the classic pessimist you could say you are actually taking your data and putting it on someone else’s computer, that’s what the cloud really is.” Most people don’t mind that their tweets and Facebook posts are in the cloud. But if you are storing company information up there you need to verify that your data is protected and encrypted “by the provider and that their procedures are strong”.