Cloud Computing In Education

Cybersecurity Policies Must Address Internal Threats

Cybersecurity Policies

The contentious U.S. election campaign offered up many highlights, but the aftermath of election night – explosive cyberattack allegations – provided even more intrigue.

These weren’t run-of-the-mill allegations, either. In fact, U.S. intelligence officials at the CIA and FBI were adamant that Russia was behind cyberattacks during the U.S. election that were targeted against the Democratic party – part of a bid to hurt Hillary Clinton’s presidential hopes and to help get Donald Trump into the White House.

Whether Russian involvement helped Trump to become leader of the free world — Russian President Vladimir Putin has scoffed at the allegations — is up for debate. But what is certain is that cybersecurity risks are serious business – and companies need to be aware both of the risks and of how to prevent them. Successful attacks, after all, can cripple corporate networks, decimate bottom lines, and damage reputations among customers and suppliers.

It’s easy sometimes to assume that all the threats come from outside of organizations, but it’s important to understand that the real threats come from within because cyber criminals are more and more shifting their focus to attacking corporations from the inside rather than from the outside to potentially evade detection.

Yes, workers, can possibly present serious threats to security. What follows, therefore, are some tips on safeguarding businesses from the potential inside threats.

  1. Education is Key

Education is critical if businesses want to reduce the risks of cyberattacks that lead to damaging data breaches. Verizon's 2016 Data Breach Investigations Report notes that a whopping 63% of confirmed data breach incidents were the result of weak, default or stolen passwords. The report adds that cyber criminals, employing social engineering techniques, still have little trouble convincing people click on links that lead to pages requesting personal information. For instance, the 2016 report shows that 30% of phishing messages were opened compared to 23% in 2014 — and 12% of targets ended up opening the malicious attachments or clicking on the links versus 11% in 2014. What this means is that businesses have to educate their workers so that these workers don’t become the weak links that end up compromising their networks.

  1. Manage Access

Businesses that put in place solid identity and access management policies can lessen the odds of being victimized by cyberattacks since they will be able to govern which employees have access to what information. Robust policies will help businesses to validate workers' identities, which will then provide employees with access to only the amount of information — sensitive or otherwise — that they need to do their jobs. It's also important that businesses monitor the online behavior of their employees. This is particularly important when it comes to accessing information that could potentially be used for financial gain, and there needs to be a clear process for revoking access right away if necessary.

  1. Mobile Considerations

In an age when many employees use mobile devices — both company-issued and personal — it's critical that businesses not only recognize the potential threats, but also address these threats with appropriate actions. According to one source, 61% of workers use their mobile devices both for work-related purposes and for personal purposes, but many of these same workers don't get training for how to properly use their mobile devices. The 2016 Data Breach Investigations Report, meanwhile, notes that security incidents are often caused by workers who, for instance, lose their laptops or mobile devices. It adds that 39% of theft occurs in victims' work spaces and 34% occurs in workers' personal vehicles. So companies need clear policies to ensure that workers understand how to safely use their mobile devices.

The threats facing corporations in this digital age are very real as cyber criminals get more and more resourceful when it comes to finding ways to access corporate networks. While it’s important for businesses to be wary of external threats that could lead to data breaches, it’s also important for them to be mindful of the internal threats when working on cybersecurity policies. This means engaging their employees so that they don’t become the weak links.

By Ian Palmer

Ian Palmer

​Having earned a Bachelor of Journalism from Carleton University in Ottawa, Ontario, Canada in 1999, Ian has covered a wide range of technology issues over the years and has written for IT related sites such as InfoSec Institute and Linux.com

How to Improve the Backup Success Rate of Data Centers?

How to Improve the Backup Success Rate of Data Centers?

Improve Backup Success Rate According to industry analysts, a significant number of backup jobs (from 5 to 25%) are failing across various tiers of data centers. This impacts datacenters heavily on revenue loss, SLA-based penalties, ...
10 Ways The Enterprise Can Prevent Data Leaks In The Cloud

10 Ways The Enterprise Can Prevent Data Leaks In The Cloud

Prevent Data Leaks In The Cloud More companies are turning to the cloud for storage. In fact, over 60 percent of organizations store sensitive information in the cloud, according to a recent Intel security survey ...
5 Ways the Cloud and IoT Have Transformed the Transportation Industry

5 Ways the Cloud and IoT Have Transformed the Transportation Industry

IoT Transportation Industry The Internet of Things has caused many industries to evolve - but few more than transportation. Here are just a few ways it’s changed the delivery of goods. Remember when websites like ...
Protect Against Network Failures

Five Things Organizations Can Do To Protect Against Network Failures

Protect Against Network Failures It is no surprise that whenever there is an outage in a public or private cloud, organizations lose business, face the wrath of angry customers and take a hit on their ...
Avoiding the IOT ‘Twister’ Business Strategy

Avoiding the IOT ‘Twister’ Business Strategy

IOT ‘Twister’ Most organizations’ ‪ IOT Strategy look like a game of ‪ ‘Twister’ with progress across important IOT capabilities such as architecture, technology, data, ‪ analytics and governance; variables comprising a series of random investments and decisions. There is something ...
The Lighter Side Of The Cloud - Direct Reporting
The Lighter Side Of The Cloud - Turmoil
The Lighter Side Of The Cloud - The Apple Watch
The Lighter Side Of The Cloud - The Nanodegree
The Lighter Side Of The Cloud - The Backup Reminder
The Lighter Side Of The Cloud - Hydro Cancellation
startup tech comic series
The Lighter Side Of The Cloud - Fear Of Heights
The Lighter Side Of The Cloud - The Letter "G"

CLOUDBUZZ NEWS

EU antitrust official sees more scrutiny for Facebook, others

EU antitrust official sees more scrutiny for Facebook, others

ROME (Reuters) - Facebook and other tech giants may attract more regulatory scrutiny in future because of their market power, a senior EU antitrust official said on Tuesday. Tommaso Valletti, chief economist at the European ...
Oracle Blockchain Cloud Service and Financial Services Enable Next-Gen Blockchain Innovators

Oracle Blockchain Cloud Service and Financial Services Enable Next-Gen Blockchain Innovators

Students Tackle Real Problems and Succeed in Blockchain Challenge In an effort to accelerate blockchain innovation in Financial Services and other industries, Oracle recently joined academia and banking industry leaders as part of the Carolina Fintech ...
72-hour rule: Can you identify and report a data breach within 3 days?

72-hour rule: Can you identify and report a data breach within 3 days?

In a series of blog posts, the ‘Coach’ offers recommendations on how to get businesses into shape so they can thrive in the new data era. The 72-hour rule included in the European Union’s General Data Protection ...