In the first quarter of last year alone, the FBI estimated that cybercriminals had pocketed some $209 million due to targeted spear-phishing attacks.
Cyberattacks are only getting scarier. Instead of exploiting vulnerable programs, hackers are increasingly targeting end users to bypass the most advanced cybersecurity systems.
This means that the greatest threats to your organization actually come from within.
#1. Relying on Weak Login Credentials
Recent studies have consistently found that most people use the same password for all their online accounts. Additionally, many people use simple passwords that are easy to remember and equally easy to guess.
So if you’re using passwords like “123456”, “password”, or your daughter’s first words (like the great Mark Zuckerberg), you’re just asking for trouble.
Weak passwords leave your accounts open to brute-force attacks. And if one account ends up getting compromised, every other online account using the same login credentials is also compromised.
#2. Misplacing Mobile Devices
By facilitating workforce mobility, scalability and flexibility, mobile devices have become essential tools in the modern workplace. At the same time, smartphones and tablets are notorious for getting lost or stolen.
Even more disturbing is the fact that many people don’t even take steps to secure their devices. And no, setting a 4-digit passcode for your phone is not enough.
When using mobile devices for work, whether they’re company- or employee-owned, it is imperative that you implement a security policy that allows you to keep control over business data.
#3. Connecting to Unsecured Networks
The free WiFi in your local cafe or restaurant may help load your work files and stream your videos, but it often comes at price.
Using an unsecured wireless connection for transmitting any confidential data can spell disaster. With the right tools at their disposal, any hacker connecting to the same network will be able to intercept the data being sent between the client and the local router.
So if you’re going to conduct business outside of work, make sure to use a VPN or, better yet, avoid public WiFi networks altogether.
#4. Not Keeping Up-to-Date
While cybercriminals are more likely than ever before to target end users directly, exploiting technology vulnerabilities remains a very common way to compromise a network. That’s why software and hardware developers constantly release patches to address such issues.
Updating your systems may be as mundane as checking your emails in the morning, but it’s a must if you want to keep your sanity in check. Speaking of emails...
#5. Not Verifying Links in Emails
Most phishing scams and other cybersecurity threats initially arrive by email, making the world’s most popular communications channel also one of the most vulnerable.
A typical phishing scam includes a malicious link or attachment that, when clicked on, can compromise your entire network. Instead of relying on email protection alone, your team should be trained to recognize the risks, know to avoid suspicious file attachments, and pass on the chance to win a free iPhone.
#6. Failing to Notify the Right People
Eliminating bad cybersecurity habits is all about ongoing training and constantly working to raise awareness of new threats. The goal is to create a culture of accountability whereby your staff know exactly what do the moment something suspicious is detected.
Staff needs to know whom to report to, and your supervisors should be ready to let everyone else on the team know about the latest attempted security breach.
People are usually the weakest link when it comes to cybersecurity, but it doesn’t have to be this way. With our expertise and cutting-edge tools on your side, you never have to worry about cybersecurity again. Call Spectrumwise to receive a free confidential security audit.