The threat from within
According to EY, 60% of CIOs named careless or unaware employees as the most significant growing vulnerability to their organisation's security. In 2018, errors were at the heart of almost 1 in 5 security breaches, and 42% of companies say their biggest loss of confidential data was caused by employees.
Human error poses a serious threat. Even well-intentioned employees can let malware into your network or leak confidential data by accident. Employee behaviour is very difficult to predict, which concerns organisations of all sizes. Furthermore, the many devices employees use outside the network are a challenge for the IT department.
Follow this checklist for secure IT behaviour for your employees:
1. Everyone should know how to inform IT of breaches
Have a guide in place covering typical signs of a breach, who to contact and clearly defined contact details. Employees are often hesitant to sound the alarm, so their awareness has to be exercised until reporting is the natural reaction and IT is informed before damage is done.
2. Cultivate suspiciousness
With the daily volume of email, employees are less likely to scrutinise each message. Anything that feels out of the ordinary should be treated with suspicion, since clicking malicious links and downloading attachments are among the primary causes of security breaches.
3. The sender should be known
Cybercriminals are well financed, with the resources to produce quality content for mail fraud (better graphics, personalisation and customised communication) that imitates trusted sources. No one should open emails or attachments from unknown senders.
4. Be aware of what is shared
Increased use of social media allows criminals to collect large amounts of data for personalised messages that are hard to see through. You cannot control what employees share, but you can warn them that such data can and will be abused.
5. Make sure employees allow updates
Skipping updates only gives criminals more room to operate. Make sure employees approve and run software and operating system updates to minimise the risk of malware infection.
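As an added example that is not part of the original article, the script below applies checklist items 2 and 3 (scrutinise the mail, know the sender) to a constructed message instead of relying on the reader's eye alone. It checks whether the From domain is on an assumed allow-list of known partner domains, whether it merely looks like one (a hyphenated lookalike), whether Reply-To points somewhere else, what the receiving mail server recorded in Authentication-Results for SPF and DKIM, and whether the subject uses pressure language. The two messages, the KNOWN_SENDERS list and the URGENCY_WORDS list are all constructed for illustration.

```python
import email
import re
from email import policy
from email.utils import parseaddr

# Constructed sample messages (not taken from the article). The first imitates
# a real supplier with a lookalike domain, a foreign Reply-To and failed
# authentication; the second is what a genuine message from that supplier
# would look like.
SAMPLE_PHISH = """\
From: "Contoso Accounts Payable" <invoices@contoso-billing.com>
Reply-To: collections@mail-relay.example
To: alice@example.com
Subject: Overdue invoice 4471 - action required
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=contoso-billing.com; dkim=none

Please open the attached invoice and confirm payment today.
"""

SAMPLE_LEGIT = """\
From: "Contoso Accounts Payable" <invoices@contoso.com>
To: alice@example.com
Subject: Invoice 4471
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=contoso.com; dkim=pass header.d=contoso.com

Please find invoice 4471 attached.
"""

# Assumed allow-list of domains the organisation actually corresponds with.
KNOWN_SENDERS = {"contoso.com", "example.com"}
# Assumed phrases typical of the pressure that phishing mails apply.
URGENCY_WORDS = ("urgent", "action required", "immediately", "today", "suspended")


def domain_of(header_value):
    """Extract the lower-cased domain from a From/Reply-To header value."""
    _, address = parseaddr(str(header_value))
    return address.rsplit("@", 1)[-1].lower() if "@" in address else ""


def triage(raw_message):
    """Return human-readable findings for one raw RFC 5322 message.

    An empty list means none of the checks fired; it does not prove the
    mail is safe, only that it passed these header-level checks.
    """
    msg = email.message_from_string(raw_message, policy=policy.default)
    findings = []

    from_dom = domain_of(msg.get("From", ""))
    if from_dom not in KNOWN_SENDERS:
        findings.append(f"sender domain {from_dom!r} is not on the known-sender list")
    # Lookalike check: same first label as a known domain, but not that domain
    # or one of its subdomains (e.g. contoso-billing.com vs contoso.com).
    for known in KNOWN_SENDERS:
        label = known.split(".")[0]
        if from_dom != known and not from_dom.endswith("." + known) and label in from_dom:
            findings.append(f"sender domain {from_dom!r} looks like {known!r}")

    # Replies silently redirected to another domain are a classic fraud sign.
    if msg.get("Reply-To"):
        reply_dom = domain_of(msg["Reply-To"])
        if reply_dom != from_dom:
            findings.append(f"Reply-To domain {reply_dom!r} differs from From domain {from_dom!r}")

    # Use what the receiving mail server already verified (SPF/DKIM results).
    auth = str(msg.get("Authentication-Results", ""))
    results = {m.lower(): v.lower() for m, v in re.findall(r"\b(spf|dkim|dmarc)=([a-z]+)", auth, re.I)}
    for method in ("spf", "dkim"):
        verdict = results.get(method, "missing")
        if verdict != "pass":
            findings.append(f"{method} result is {verdict!r}, not 'pass'")

    subject = str(msg.get("Subject", "")).lower()
    if any(word in subject for word in URGENCY_WORDS):
        findings.append(f"subject uses pressure language: {subject!r}")

    return findings


if __name__ == "__main__":
    for name, raw in (("phish", SAMPLE_PHISH), ("legit", SAMPLE_LEGIT)):
        print(name, triage(raw) or ["no findings"])
```

The Authentication-Results check is the one worth keeping even if the others are tuned away: it reuses verification the mail gateway has already done, so a message from a "known" sender whose SPF or DKIM result is anything but pass deserves a phone call before anyone opens the attachment.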
What you need to do
Educate your employees
The majority of incidents are caused by human error. Social engineering targets individuals, and phishing and ransomware gain access to your network through employees. Companies whose employees are well trained in IT security are less likely to be infected by malware.
Gain control of user rights and access
Who has access to which devices, applications and data? Answering this requires an overview of the different roles in the organisation and limiting access to the employees who actually need it.
Record all rights
During an incident, knowing who has access to which part of the organisation can save IT a lot of time. Time that is better spent on remediation.
Monitor continuously and keep network services up to date
Your systems and network change constantly with the flow of employees, and you need to keep an overview of those changes. Users require new tools, devices and software to be added to your network. It is important to discover system vulnerabilities by monitoring continuously.
When you detect vulnerabilities, predicted as well as unpredicted, policies and processes should be reviewed to reduce shadow IT and the number of entry points for malware.
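As an added example, not part of the article, the script below keeps the kind of rights record the sections above ask for: a constructed HR roster, role assignments, the rights each role grants, and the direct grants that accumulate outside roles. It answers the incident-response question (who can reach a given system, and with what permission) and flags two kinds of drift that follow from employee turnover: accounts of people who have left but still hold rights, and direct grants that are not covered by the person's role. All names, systems and roles are made up for illustration; a real deployment would populate the same structures from the HR system and the directory.

```python
from collections import defaultdict

# Constructed sample data, not from the article: an HR roster, role
# assignments, what each role grants, and direct grants outside roles.
ROSTER = {"alice": "active", "bob": "active", "carol": "left", "dave": "active"}
ROLE_OF = {
    "alice": {"finance"},
    "bob": {"it-admin"},
    "carol": {"finance"},
    "dave": {"sales"},
}
ROLE_GRANTS = {
    "finance": {("erp", "read"), ("erp", "write"), ("fileshare-finance", "read")},
    "it-admin": {("erp", "admin"), ("fileshare-finance", "admin"), ("vpn", "admin")},
    "sales": {("crm", "write"), ("fileshare-sales", "read")},
}
# Rights handed out to individuals outside any role; this is where drift lives.
DIRECT_GRANTS = {
    "dave": {("fileshare-finance", "read")},  # temporary project help, never revoked
    "carol": {("vpn", "user")},               # remote-access exception
}


def effective_rights():
    """Map each user to the set of (system, permission) pairs they hold."""
    rights = defaultdict(set)
    for user, roles in ROLE_OF.items():
        for role in roles:
            rights[user] |= ROLE_GRANTS.get(role, set())
    for user, grants in DIRECT_GRANTS.items():
        rights[user] |= grants
    return dict(rights)


def rights_record():
    """The flat record to keep on file: sorted (user, system, permission) rows."""
    return sorted((u, s, p) for u, grants in effective_rights().items() for s, p in grants)


def who_can_access(system):
    """Incident-response lookup: which accounts can reach this system, and how."""
    return {
        user: sorted(p for s, p in grants if s == system)
        for user, grants in effective_rights().items()
        if any(s == system for s, _ in grants)
    }


def audit():
    """Flag rights that should have been revoked or that bypass the role model."""
    findings = []
    # Leavers: anyone not active in HR who still holds anything at all.
    for user, grants in effective_rights().items():
        status = ROSTER.get(user, "unknown")
        if status != "active" and grants:
            findings.append(f"{user}: status '{status}' but still holds {len(grants)} right(s)")
    # Exceptions: direct grants that the person's roles do not already cover.
    for user, grants in DIRECT_GRANTS.items():
        role_rights = set().union(*(ROLE_GRANTS.get(r, set()) for r in ROLE_OF.get(user, ())))
        extra = grants - role_rights
        if extra:
            findings.append(f"{user}: direct grant(s) outside role: {sorted(extra)}")
    return findings


if __name__ == "__main__":
    print(who_can_access("fileshare-finance"))
    for line in audit():
        print(line)
```

Run regularly (for instance against every HR roster export), the audit turns "record all rights" from a one-off spreadsheet into a check that catches the leaver and the forgotten project exception before an incident does.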
Apply multi-layered security
Errors, especially human errors, will always occur, and there is no single solution. Better training of employees goes hand in hand with technology. Multi-layered security, e.g. monitoring, endpoint and server protection, backup and recovery, network security and threat management, collectively composes the best defence.
Verizon Data Breach Investigations Report 2018
Corporate IT Security Risks Survey, Kaspersky Lab and B2B International
Kenneth Demskov is an IT security specialist with 25 years of experience in IT and has worked with server, network and database operations across a broad spectrum of operating systems, database technologies and networking equipment. Certified in Fortinet and Microsoft technologies and focused on the design and delivery of security solutions for Danish organisations, Kenneth specialises in network and endpoint security, advising companies daily on how to achieve the right data protection under decentralised and fragmented security conditions.