Please enable JavaScript.
Coggle requires JavaScript to display documents.
Why users are the weakest point of a business security system (Para 2 -…
Why users are the weakest point of a business security system
Introduction
Talk about people-process-technology triad
Para 1- what makes humans the weak links of a security system?
Lack of training
Experian study showed that 60% of employees have no knowledge or understanding of security risks
43% said that the training was basic and did not cover current business practises or were not in depth about current practises e.g cloud services
49% said training was not mandatory.
Most of businesses mistakes are by users
Experian study shows 66% of businesses say employees are the biggest threat
BakerHostetlers data shows 38% of incidents were due to employee action
IBM cybersecurity shows 60% of all attacks were done by employees(insiders)
Information Commissioners office data shows humans caused 62% of all incidents
78% of security professionals believe biggest threat is negligence amongst employees, with an average of 9.3 insider threats a month
Para 2 - How are users targeted?
Invoice scams
When bill/invoice is sent to the business for payment.
https://www.ukfinance.org.uk/system/files/Fraud%20The%20Facts%202019%20-%20FINAL%20ONLINE.pdf
Corporate blackmail
holding a companies information against them, in a way of getting money from them.
https://www.ibtimes.sg/hackers-blackmail-us-firm-demanding-6m-company-secures-injunction-irish-high-court-37039
Forged cookies
Reversed Engineered cookies stay on your computer and stay logged into your accounts
https://www.theguardian.com/technology/2016/dec/14/yahoo-hack-security-of-one-billion-accounts-breached
Para 3- How can we improve users sense of security problems
Reducing vulnerabilities
In-depth training
People can be hired to do in-depth training
Make it mandatory and make it based upon current business training
Download business wide anti-virus application
Norton
Bitdefender
Regular risk assessments
VAPT
Conclusion