Cost for QD employees to rent an apartment in Chico, CA. $1,200/month. Please turn off your ad blocker in Quality Digest
Our landlords thank you.
Evita Anilionyte
Published: Wednesday, January 18, 2023 - 12:00 (NordLayer: New York) -- NordLayer’s analysis reveals the 10 most common cybersecurity mistakes made by employees. With hybrid work models and working from anywhere still popular, the risks increase, along with potential costs for businesses. An expert from NordLayer shares tips on what businesses can do to avoid these mistakes. The following reports from consulting and cybersecurity companies disclose: 91 percent of all cyberattacks begin with a phishing email (according to data from the last year, at least one person clicked a phishing link in 86 percent of organizations); 90 percent of IT decision makers claim legacy systems are holding their companies back; and employee negligence accounts for 84 percent of reported cyberattacks. “The figures above demonstrate how important it is for organizations to pay attention to employees’ online behavior,” says Carlos Salas, an engineering manager at NordLayer, Nord Security’s network access protection for businesses. Salas underlines the following most common employee cybersecurity habits that may pose a risk to businesses: 1. Weak passwords. People tend to prioritize convenience over security, often reusing weak passwords on all their accounts. The latest research by NordPass demonstrates what the most common passwords are and how often they are being reused. 2. Keeping business data on personal devices. With company networks expanding rapidly, more employees use unsupervised devices for business purposes, making it harder to ensure the security of sensitive information. 3. Clicking before thinking. Fast-paced work environments require employees to communicate and act quickly, which often leads to them clicking on malicious phishing links—especially if they lack sufficient cybersecurity training. Data reveal that internet users detect only 53 percent of phishing websites. 4. Leaving work equipment unattended. Doing so can be especially dangerous if a person is working remotely or in a public place, because company data can be exposed to strangers. 5. Not taking cybersecurity responsibly. The most advanced technological solutions are helpless against human-induced mistakes, such as falling victim to social engineering. 6. Not securing the internet connection. With WFH and WFA trends becoming more popular, employees who aren’t aware of the importance of network security can be at risk of confidential information leaks. Unfortunately, 30 percent of employees don’t use a VPN when working remotely. 7. Lack of cyberawareness. Cyberthreats are most dangerous when they exploit the naivety of employees. Data show that 61 percent of employees lack basic cybersecurity knowledge. 8. Indefinitely postponing software updates. Delayed updates mean an increased risk of cyberthreats because they usually fix vulnerabilities in software. 9. Confusing compliance with cybersecurity. One of the most frequent misconceptions about cybersecurity is that regulatory compliance will make the company unhackable. While it’s true that being compliant helps to drive down data breach costs, it’s not the main purpose of regulations. They exist to ensure that appropriate standards are set when businesses handle sensitive data. However, the actual application of the regulations is left to the company. 10. Plugging in unknown devices. An unattended USB thumb drive could spark curiosity to check what’s on it; 48 percent of people plug into their computers USB drives found in strange places like parking lots. However, doing so can open the door to a hacker’s attack. “Cybersecurity is crucial, and negligence might be costly for businesses,” says Salas. “This is why it’s in the best interest of companies to treat employee cyberawareness seriously. One of the most effective ways to do so is to organize regular cybersecurity awareness training. It’s important to inform employees about every possible threat they can encounter and raise awareness about the shared collective responsibility for the company’s security. Spreading awareness is one step toward a whole new organizational culture.” Sigita Jurkynaitė, an information security manager at Nord Security, agrees with Salas and gives the following advice to businesses: “The worst takeaway would be to start treating your employees as the weakest link. That’s the opposite of what you should be doing, because treating your employees as partners and investing in their cybersecurity awareness can pay back tenfold. However, it shouldn’t be done just to ‘check the box.’ The process should be a continuous one. Make it engaging and fun, and avoid resorting to punishments if an employee fails a test.” Quality Digest does not charge readers for its content. We believe that industry news is important for you to do your job, and Quality Digest supports businesses of all types. However, someone has to pay for this content. And that’s where advertising comes in. Most people consider ads a nuisance, but they do serve a useful function besides allowing media companies to stay afloat. They keep you aware of new products and services relevant to your industry. All ads in Quality Digest apply directly to products and services that most of our readers need. You won’t see automobile or health supplement ads. So please consider turning off your ad blocker for our site. Thanks, Evita Anilionyte is the junior public relations specialist for NordLayer. Her expertise is in cybersecurity. The 10 Employee Mistakes That Cause More Than 84% of Cyberattacks
How businesses can protect themselves
Threat statistics and employee online habits
What companies can do to help employees avoid mistakes
Our PROMISE: Quality Digest only displays static ads that never overlay or cover up content. They never get in your way. They are there for you to read, or not.
Quality Digest Discuss
About The Author
Evita Anilionyte
© 2023 Quality Digest. Copyright on content held by Quality Digest or by individual authors. Contact Quality Digest for reprint information.
“Quality Digest" is a trademark owned by Quality Circle Institute, Inc.