Cybercrime – when employees become a risk factor

Cybercrime – when employees become a risk factor

In these days, Trojans, surveillance attacks and Internet fraud are part of the digital workday. However, these threats are often underestimated. Especially internal employees can become a risk factor in terms of cybercrime. Often, they are not sufficiently sensitized to potential dangers. In this blog article, we want to show you how to achieve maximum protection from cybercrime using the right combination of education and the implementation of IT security systems.

 

One in three German companies was affected by a ransomware attack in 2016. 20 percent of them had to deal with significant IT infrastructure outages, while 10 percent even lost their data completely according to a study published in “manage it”. Once again this illustrates the importance of dealing with cybercrime issues.

 

An old proverb says: “A chain is only as strong as its weakest link.” But this is only half the truth. It’s not only the IT security officer in a company who should be informed about the state of current cybercrime topics, but also the employees. Often it is them who lack the required sensitivity. They behave too careless within the company’s IT environment and they lack the understanding in dealing with cybercrime. This at least is Dieter Kempf’s opinion. He is the President of the Federation of German Industries. Since 2013, he has been demanding an “IT security culture in the economy”, which is based on “transparency and cooperation”.

 

Encourage employees to lock out cybercrime

 

It’s not in the interest of company staff to infect the IT infrastructure of their employer with malicious software. Hence, in a case of damage it would be wrong to flatly denounce the affected employees and threaten to impose sanctions. In most cases, they did not deliberately place themselves and the company in this precarious position.

 

If you are a managing director or an IT security officer, you should rather develop a common awareness of cybercrime threats. For instance, you can convey a specific IT security culture to your employees by means of targeted and regular IT security training courses. And the best part of it is that the training works like a multiplier. If employees who have already learned how to deal with online crime act accordingly in their everyday work, new staff are likely to adopt this approach from their colleagues.

 

 

Employees and IT security systems – harmony is what matters

 

IT security solutions, such as Hornetsecurity Advanced Threat Protection, already guarantee the highest possible protection against cybercrime. However, a coherent IT security concept requires more than the mere use of preventive measures. The following is a small list companies should consider when protecting themselves against online crime and developing an IT security concept:

 

  • Who is the main responsible person for the IT security culture in the company?
  • Which devices can be used by whom within the company network?
  • In which way can employees use company data and where can they be stored?
  • What are the first steps in the event of a cybercrime attack in the company? Is there an emergency plan?
  • Who is the responsible contact in case of system failures or disruptions?
  • Who is allowed to enter certain rooms in which important IT systems are located?

Of course there are a lot more questions that companies should ask themselves. However, above all it is important to bring about the harmony, which is required in the interaction between man and machine in dealing with cybercrime.

 

Finally, it remains to be said that not even the best IT security solutions can fully protect against cybercrime, if there is no coherent IT security concept, which also takes the human factor into account. So if you count on a combination of state-of-the-art defense measures, such as email encryption, web filter and advanced threat protection, and you have a sophisticated IT security concept in addition, you will minimize the risk of a cyberattack many times over.

 
 

More informationen:

  1. Try out Hornetsecurity ATP, web filter or email encryption.
  2. Do you already know the Hornetsecurity Knowledge Base? Click here for more information.