4 key areas for cyber awareness in the workplace
End users are the weakest link. The need for cybersecurity education in the workplace has never been more real
Dimension Data recently commissioned Frost and Sullivan to produce a white paper called Securing Workspaces for Tomorrow, that examines the need for organisations to transform in order to allow employees to work in more mobile workspaces. However, most workspaces are not ready for the cyber threats of tomorrow.
Businesses in a digital world need to address the risk of human vulnerabilities to ensure their intellectual property is secure. The people component of any organisation is its weakest link when it comes to cyber security, and cyber attackers know this.
The insights below are extracted from the white paper:
Employees need to be educated on the importance of data security and their role in safeguarding these resources. The creation of cybersecurity committees is a great way to help to make security relevant to everyone in the organisation. Below are some of the main risk areas employees should be made aware of:
Social media is the perfect platform for cyber criminals to stalk their targets. Phishing or social engineering is one of the most common threats experienced around the world, highlighting that while security tools are essential, greater vigilance needs to be exercised by the users themselves. Attackers are constantly innovating new techniques such as ‘pharming’ that redirects clicks on websites to fraudulent sites; ‘vishing’ using voice calls to obtain personal information; and ‘smishing’ using SMS and exploiting that smartphones are able to access the Internet the moment the user clicks on a malicious link in a text message.
Business Email Compromise attacks target high-level executives. These crusades are proving increasingly successful with attackers often posing as someone of high seniority in the organisation such as the CEO, and then sending emails requesting the accounts payable to transfer funds to a bank account belonging to the attacker. The damage from such scams worldwide is estimated to be in the billions annually.
Where critical data resides, and the applications employees use as companies today leverage cloud platforms and embrace BYOD, is critical. Devices are installed with applications employees use as their productivity tools that may or may not be sanctioned by the organisation, for example, note-taking using Evernote or using LastPass to manage passwords. BYOD could mean ‘Bring Your Own Danger’ if mobile applications used to store confidential data do not have enterprise-grade security controls.
Smart offices and IoT
IoT-enabled workspaces deliver control and customisation previously unimaginable. The demand for sustainable, healthy, energy-efficient work environments is leading many to deploy smart building management systems. The integration of online operational functions may have many benefits, but these systems may not be designed with adequate cybersecurity.Water, lighting, heating, and security are essential functions for offices. It is imperative that IoT used in future workspaces be well guarded against potential attacks.
Register to attend the webinar – Securing workspaces in a hyper connected digital era