Although clicking on and responding to emails in the workplace is a common practice, recent research revealed it’s also a top cyber-security concern. Indeed, among the methods cyber-criminals use to attack organisations, social engineering scams and ransomware are on the rise.
Social engineering scams, such as email attacks and phishing scams, accounted for over 25 per cent of cyber-incidents earlier this year, affecting organisations across various industry sectors. These incidents can cause serious damage, compromising sensitive data at the click of a button. And although social engineering schemes can cost organisations over £1 million, they are preventable.
You can help your business avoid social engineering scams by communicating with your staff about phishing attacks and providing them with proper training to identify fraudulent or suspicious emails. Emphasise the importance of checking that the sender’s email address seems valid (this includes reaching out to the user to confirm their identity), the message doesn’t contain any typos or grammatical errors, and the links don’t have lengthy, suspicious URLs when your mouse hovers over them.
Ransomware, which is a form of malicious software (malware) that blocks access to a device until some form of ransom is paid (such as large amounts of money), has impacted nearly 60 per cent of organisations in the past year—up 10 per cent from 2016, according to research from cyber-security experts, SentinelOne. What’s more, incidents such as WannaCry highlight cyber-criminals’ ability to use ransomware to attack hundreds of devices across the globe at one time.
To decrease your organisation’s risk of a ransomware attack, routinely update your company’s operational systems and antivirus software to avoid vulnerabilities from outdated technology. In addition, ensure these systems are effective by running tests and conducting frequent assessments. You should also have a plan in place in case an attack occurs. Communicate the plan to all employees so everyone knows how to respond in this situation.
For more tips regarding cyber-security, contact ICB Group today.
Contains public sector information published by the ICO and licensed under the Open Government Licence.
DesignÂ© 2018 Zywave, Inc. All rights reserved. This publication is for informational purposes only. It is not intended to be exhaustive nor should any discussion or opinions be construed as compliance or legal advice. In relation to any particular problem which they may have, readers are advised to seek specific advice. Further, the law may have changed since first publication and the reader is cautioned accordingly.