3.5 min to readCloud ServicesNews and UpdatesDigital Workplace

Cyber security update - December

Ravi Bindra
Ravi BindraCISO
illumination-ciycle-getty-948600830-blog-hero

We believe there is a need for additional information when it comes to cyber security, as organizations have made it clear that investment in a proper security strategy is paramount. Our monthly Cyber security update provides updates on the most recent threats, the latest breaches and how to react to them in order to stay on top of malware and ransomware threats.

Stay ahead of cyber threats

Companies won’t be able to protect themselves from all cyber threats or digital attacks. Particularly with employees working from different devices and in different teams, it’s simply not possible to safeguard against any and every phishing attack or download and installation of malicious apps. However, employee cyber security awareness plays a critical role in increasing the prevention of data leaks and malware infiltrations. This means organizations have to improve the training they provide.

According to the “Insider Data Breach Survey 2019” commissioned by Egress more than three-quarters of executives believe that employees have accidentally put company data at risk in the past year, but 92% of employees said they had not done anything malicious. This shows a definite gap between theory and practice. Though people think they might know the rules it often takes only one click and company data is put at risk.

Facebook for instance has recently patched a vulnerability in its popular WhatsApp messaging platform. Attackers simply had to send a video to their targets which would then launch a remote code execution to capture the user’s mobile system. Another case reported the misuse of Microsoft’s Office 365 infrastructure to send phishing mails coming from legitimate, validated domains.

Examples like these demonstrate the power of combining validated user information and trusted platforms with malware to attack other users without their knowing. Training can make all the difference — if it’s done correctly. One of the most important things to bear in mind is to tailor your training to the different group of employees based on their varying responsibilities, knowledge levels and – most importantly – access to corporate data. Secondly, cyber awareness trainings should never be optional or a ‘sometimes it happens‘ in your company. Make sure to establish a concrete learning path and KPIs to measure the success of your trainings.

Creating a strong cyber security culture doesn’t necessarily guarantee that you’ll never experience security issues again. But, you can decrease the risk that employees will become a victim of phishing or hacking attacks because they are both better prepared and more aware of how easily breaches and cyber threats can occur.

motherboard-getty-1333524556-cta-banner

Prepare yourself & keep your data and systems under control

In addition to cyber security trainings we recommend you also to implement procedures and adopt tools that enable you to keep your data and systems under control. Start your security journey today by staying up-to-date about the latest breaches, malware attacks and other incidents.

Prepare yourself & keep your data and systems under control

In addition to cyber security trainings we recommend you also to implement procedures and adopt tools that enable you to keep your data and systems under control. Start your security journey today by staying up-to-date about the latest breaches, malware attacks and other incidents.

Author

Ravi Bindra

Ravi Bindra
CISO

Ravi holds over 20 years’ experience as a cyber security evangelist, holding multiple leadership roles in the Swiss pharmaceutical industry, such as Global Head of Risk Management, Global Head of Architecture and Global Head of Security Operations.