01-28-2019 , 04:30 PM
Quote:Why it’s important for organisations to train staff in cybersecurity
Breaches are an ongoing issue that organisations face on a day to day basis. For as long as risk carries a level of uncertainty, preventing it is hard to do. But there is a difference between accepting this fact and doing nothing about it and accepting this fact and using all reasonable efforts to mitigate breaches from taking place. One of the measures observed in practice that organisations are failing to take is in training staff on cybersecurity. Here are just some of the reasons why the efforts of training staff requires more attention.
Social Engineering
Cybersecurity is beyond the IT team as staff play a significant part too. As the drivers of an organisation, hackers commonly use them as vectors. This is especially evident when we look at the cyber kill chain’s first stage. It requires gathering information about the target. Here are where they exploit weak spots to obtain relevant information to carry out intended attacks. Hackers use social engineering as just one of the tactics but it is the most common as they can deploy it easily. They know about the lack of training that exists amongst staff in general and it sometimes just takes targeting one person.
It is important for staff to be aware of social engineering because together they make up more than the Board and IT team. Examples of areas organisations should elude staff to include social media content and being manipulated into allowing unauthorised visitors onto the work site. In addition, phishing emails are still on the rise, advancing each time and show no signs of slowing down anytime soon. Staff need training on avoiding being targets of this.
Read the full article here:
https://latesthackingnews.com/2019/01/27...rsecurity/