cfo-au logo
Story image

Cybersecurity training: the key to strengthening your security posture

15 Apr 2020

Article by Ivanti APAC PreSales area vice president Andrew Souter.

Cybersecurity issues are currently the top business concern across all businesses globally, says the 2019 Travelers Risk Index. 

Although the digital age enables everyone to access information across the globe from the comfort of their homes and office desks, it also poses great security threats at the same time. Today, every organisation deals with business risks, and if not managed properly, they can result in major consequences both for the company and its employees. 

Australian businesses are increasingly under cyber threats and one of the key reasons is human error. According to the Notifiable Data Breaches Statistics Report by OAIC, among the 537 breaches notified from July to December 2019, human error was the second leading cause of data breaches (accounting for 32%). 

Despite rigid security measures in place, a fat finger mistake can cost a company millions of dollars. 2019 IBM Security cost of a data breach report shows the average cost of a breach in Australia was US$2.13 million in 2019, up from US$1.99 million in 2018. The study also shows that Australian organisations take an average of 200 days to identify a breach and another 81 days to contain them, both longer periods than a year ago.

Actions such as sending valuable data to incorrect recipients via emails, accidentally emailing documents with sensitive data or unauthorised access, are some of the probable cause of a data breach.

Importance of training and upskilling 

Increasing operational complexity, emerging new security tools, software and operating systems in the market makes it difficult for employees to stay ahead of the curve. Most cyber-attacks are successful because companies struggle to maintain basic security hygiene internally, of which human factors and employee behaviour remains a major concern.  

Hence it is important for businesses to train employees on how to pay close attention to cyber threats and act in such situations. Continuous training and upskilling have always been a holy grail for organisations to bring employees up to speed. 

Training employees on the importance of setting strong passwords, software updates, enabling security features and not clicking on suspicious links or downloading unauthorised software/apps can go a long way. Cybersecurity training is not always the top priority for employees, citing their day jobs and other items that are first in the list. Therefore, creating a mock cyber-attack drill would make employees aware of the implications of an attack and the importance of adhering closely to security policies. 

Mobile device security 

Another important thing to remember is mobile device security. Mobile devices such as phones and tablets are becoming the main source of productivity. Right from checking emails, social media accounts, playing games, watching videos, and more—everything is done through those devices. This also means that more and more attackers are using mobile devices as points of attack.

In addition to laptop/computer systems, training employees to secure their mobile devices is equally important. One of the easiest ways to help secure the device is through a strong PIN or password. Most new devices also have biometric options, such as a fingerprint or face recognition. The truth is, most attackers go for easy targets. An attacker could spend days or weeks trying to penetrate a system, or could just sweet talk their way to getting information by sending a phishing email or making few phone calls. 

Deploying specialised security tools, updating security policies regularly and closely monitoring employee activity, will help organisations in strengthening their internal security posture. Against the backdrop of a complex cyber threat landscape, businesses must have a strong and effective security awareness training program to lower exposure.

As the cybersecurity industry becomes more and more complicated, the fear of getting in the middle of a data breach is inevitable among businesses. Hence, enterprises and organisations can no longer turn a blind eye to the importance of employee training and upskilling.

Story image
Businesses struggling to achieve cloud migration in wake of COVID-19
Cloud adoption has increased due to the COVID-19 pandemic, but businesses are struggling to meet their cost and performance needs due to migration challenges, new research finds.More
Story image
E-waste becoming a massive issue for businesses, so what can be done?
E-waste is a global concern, and is quickly becoming a crisis of its own, the researchers state. In fact, more than 53 million metric tons of e-waste was produced in 2019.More
Story image
Pure expands as-a-service offerings with focus on transparency
It aims to provide the economic benefits of cloud, along with those of Evergreen architecture including non-disruptive expansions and maintenance. More
Story image
Why tool consolidation should be a top priority for businesses
How can businesses expect to scale for their biggest day when a single, unified view of their infrastructure doesn’t exist? The impact on the business is too high to ignore, writes New Relic APJ executive vice-president and general manager Dmitri Chen.More
Story image
The top features to look out for in a product pricing solution
Many software solutions promise to provide accurate market analysis, which helps in price management of your product. But some solutions are more helpful than others.More
Story image
APAC retailers lagging in omnichannel capabilities
“It’s great to see APAC brands making significant progress in improving customer experience, however, currently they aren’t setting the bar high enough for a customer-centric strategy."More