Is your organization secure?
Many organizations know they need to protect themselves against information security risks like ransomware.
Fewer, though, may have considered the chance bad actors could also potentially gain entry to their system through unsecured points such as software the company has neglected to regularly update.
Is your organization prepared to protect itself against any of the following potential cyberthreats?
Software patches
If network devices aren’t receiving patches that have been released to address vulnerability concerns, they can become exploitable items. More than a quarter (27 percent) of organizations said they’d suffered a data breach due to an unpatched vulnerability, according to 2019 Tripwire research. In Europe, the number was higher — 34 percent.
New tech
More than three-quarters of the respondents in the 2019 Marsh and Microsoft survey on global cybersecurity threats have adopted at least one innovative operational technology, such as an IoT-connected device—even though a quarter of business decision-makers rate the level of perceived risk for IoT-connected devices as extremely high.
Fifty percent of decision-makers, though, say the risks of implementing new technology are almost never a barrier to tech adoption. In addition, a number of organizations seem to only be examining concerns on the front-end of new technology use. While 74 percent said they evaluate risks prior to implementation, only 5 percent said they look at risk throughout technology’s lifecycle.
Companies your organization works with
Your system may be secure — but are your vendors’ systems safe? If not, they could serve as a potential entryway for hackers. Thirty-nine percent of the Marsh and Microsoft survey respondents said the information security risks posed by their supply chain partners and vendors were high or somewhat high.
Physical files
While companies’ protection efforts are sometimes focused on technology, offline items can also cause issues. Twenty-six percent of employees, for instance, say they don’t view putting documents on a personal USB drive to work remotely as a risk, according to MediaPro data. More than a third (39 percent) of the employees who participated in the survey reported they also do not shred documents that contain password hints or similar sensitive information.
Security breaches caused by employees, in fact, remain one of the biggest cyberthreat sources, according to a Canon survey. Only about a quarter of IT professionals feel workers have a clear understanding of what cyberthreats exist — and the role they play in preventing them.
For tips on how to protect your organization against cyberattacks that attempt to exploit workers — and enhance the company’s overall efforts to address threats and vulnerabilities that lead to data breaches — view our blog posts on how to prevent security breaches caused by employees, what to know before HR eliminates paper use and making remote employment work.