How to address the 6 most overlooked causes of data breaches

Cybersecurity experts repeatedly warn about the growing number of sophisticated malware and hacker attacks against IT infrastructure and data. Organizations can’t control the bad guys, and the criminals are getting better. However, rudimentary attention to security threats can go a long way toward protecting systems and data.

The human factor plays a critical role in how strong or weak an organization’s security defenses are. Be alert to the six most common human-factor mistakes that can lead to deadly security breaches.

1. Awareness

It’s not just rogue employees who compromise agency defenses with insider information. Out of ignorance, even the most loyal, hard-working employees can make mistakes that cost the agency dearly. For example, simple phishing attacks can be launched by opening emails from unknown senders, clicking on links and downloading attachments, after which they deliver malware onto a computer or convince a user to give up passwords. About a quarter of recipients open phishing emails, and 11 percent click on attachments. How can we keep this from happening?

The first lesson to convey to employees is the extreme importance of security. Are employees aware of the criticality of the data they deal with every day? Do they understand the necessity to comply with data-privacy regulations and what it might cost the agency if they don’t?

Once employees are aware of the requirement for security and their critical role, they must be warned about using unauthorized websites and shadow IT tools and shown how their daily activities can lead to undesired endpoint or network penetration. And these lessons must be reinforced periodically to ensure that they are not forgotten.  MORE