What, according to you, is a company’s biggest security risk? Holes in the corporate network? Think again!
It’s you! With hacking attacks against companies getting bigger and high profile by the day (remember the breaches at Sony and Citigroup this year?), companies have learned to secure and strengthen their networks the hard way, which shifts the hackers’ attention to you, or the employees to be precise.
These days, hackers do not have to work so hard get into your company’s network; they can just make you do it for them! Employees, even well-intentioned ones, are exploited to gain access to company networks. In case you didn’t know, this is called social engineering where hackers manipulate people into divulging confidential information, often after completing thorough reconnaissance on their victims. Posting troves of information about yourself and your job online? Unless you want to become a victim, stop doing that right away.
Trust us; social engineering is on the rise these days with many people falling easily for it. Look at the results of a recent test conducted by KnowBe4, a firm that provides security-awareness training, if you don’t believe us. To find what percentage of a group of companies would be susceptible to phishing attacks, the firm had sent phishing emails to employees at 81 companies from a reputable and trusted server, 43% of which had one or more employee click on the link in the emails. The second test involved the use of unknown and untrusted servers (which were filtered out by many corporate email systems, by the way) but at least one person in 15% of the companies still clicked on the emails. You might ask what is one person compared to a thousand, but when it comes to malware, all it takes for the damage to be done is one person.
So, don’t forget to think long and hard before clicking on that link in your email or posting your info online!