cyber-security-update-december-2019

December
Cyber Security Update

Cyber Security Update - December

We believe there is a need for additional information when it comes to cyber security, as organizations have made it clear that investment in a proper security strategy is paramount. Our monthly Cyber Threat Bulletin provides updates on the most recent threats, the latest breaches and how to react to them in order to stay on top of malware and ransomware threats.

Stay Ahead Of Cyber Threats: December Bulletin

Companies won’t be able to protect themselves from all cyber threats or digital attacks. Particularly with employees working from different devices and in different teams, it’s simply not possible to safeguard against any and every phishing attack or download and installation of malicious apps. However, employee cyber security awareness plays a critical role in increasing the prevention of data leaks and malware infiltrations. This means organizations have to improve the training they provide.

According to the “Insider Data Breach Survey 2019” commissioned by Egress more than three-quarters of executives believe that employees have accidentally put company data at risk in the past year, but 92% of employees said they had not done anything malicious. This shows a definite gap between theory and practice. Though people think they might know the rules it often takes only one click and company data is put at risk.

Facebook for instance has recently patched a vulnerability in its popular WhatsApp messaging platform. Attackers simply had to send a video to their targets which would then launch a remote code execution to capture the user’s mobile system. Another case reported the misuse of Microsoft’s Office 365 infrastructure to send phishing mails coming from legitimate, validated domains.

Examples like these demonstrate the power of combining validated user information and trusted platforms with malware to attack other users without their knowing. Training can make all the difference — if it’s done correctly. One of the most important things to bear in mind is to tailor your training to the different group of employees based on their varying responsibilities, knowledge levels and – most importantly – access to corporate data. Secondly, cyber awareness trainings should never be optional or a ‘sometimes it happens‘ in your company. Make sure to establish a concrete learning path and KPIs to measure the success of your trainings.

Creating a strong cyber security culture doesn’t necessarily guarantee that you’ll never experience security issues again. But, you can decrease the risk that employees will become a victim of phishing or hacking attacks because they are both better prepared and more aware of how easily breaches and cyber threats can occur.

Prepare Yourself & Keep Your Data and Systems Under Control

In addition to cyber security trainings we recommend you also to implement procedures and adopt tools that enable you to keep your data and systems under control.

Start your security journey today by staying up-to-date about the latest breaches, malware attacks and other incidents. Join us this month and read our latest Cyber Threat Bulletin to find out more about the latest cyber threats, and attacks and how to prevent them from happening in your company.

Download our December edition and stay informed with key information and a list of activities to help you close security gaps.

  • Tuesday 10 December 2019

Comment on this article

Leave a comment to let us know what you think about this topic!

Leave a comment

Author

Bala Sathunathan

Bala Sethunathan Director, Security Practice & CISO

Software Portfolio Management

Related Articles

Security in the cloud

An Initial Introduction to Security in the Cloud

Whichever cloud solution or platform you choose, they should provide you with security that is perfectly tailored to your organization. Let’s discuss how your Cloud security could look like.

Shadow IT Happens - Read Why

SH(adow) IT Happens – But Why?

Shadow IT is caused by programs that are not approved by the IT department and can leave organizations open to potentially damaging security, compliance, and financial risks.

Data Protection

Why Data Protection Should Be Your Daily Routine

The risk of being attacked is nearly everywhere. With our monthly Cyber Threat Bulletin you’ll never miss out on how to protect yourself from new malware, ransomware, and other threats again.