Cybersecurity is a major issue that every business needs to take seriously. It is now commonplace to see cybercrime making headlines as businesses are scammed out of money, or lose the personal data of individuals. So, perhaps it is no surprise that organisations are trying to do all they can to minimise the risk.
Of course, it is important to invest in high-quality cybersecurity software and systems, as well as putting procedures in place to make it as hard as possible for cybercriminals. But you shouldn’t forget the importance of employees in your frontline cybersecurity.
Employees have an extremely important role to play. However, this is complicated by the fact that they can also be a major source of risk in cybersecurity.
Employees are your greatest weakness
It is unfortunately the case that when it comes to cybersecurity issues, humans are definitely the weak link in the chain for businesses. Indeed, around 90% of cybercrime is thought to be made possible by human error. That’s a fairly damning indictment of the whole of your cybersecurity procedures.
Ultimately, what it means is that no matter what you put in place to keep your business secure – if you can’t rely on your employees to follow strong cybersecurity practice, then you will naturally remain vulnerable. This is something that businesses of all sizes and in all sectors need to consider very seriously.
…and your greatest strength
Having said that humans are the main problem in cybersecurity, it’s also worth noting that they are also by far the most important element in providing defence. As we mentioned above – even the most powerful cybersecurity software and defences can do nothing if employees don’t follow good practice.
However, when they do, it removes a large number of the most potent attacks from the arsenal of the cybercriminal. Those attacks that simply target the employee in the hope that they will make a mistake constitute a large amount of the total cyberattacks against businesses.
Types of attack targeting employees
There are actually a large number of cyberattacks that directly target the employees of a company:
- Phishing emails – These are commonly known as a huge problem for businesses. Phishing emails attempt to trick employees into clicking through to a link that appears to be a genuine page, but in fact, is a copy of a well-known site that will get you to enter your credentials.
- Social engineering – Some elements of cybersecurity rely on the trust of an employee. This is why many criminals employ so-called social engineering tactics. Here cybercriminals either attempt to gain the confidence of an employee or trick them into believing they are someone they are not.
- Business email compromise – In a BEC attack, cybercriminals gain access to the account of someone important in the company. They then use the email address of that person to make a request such as a transfer of funds. These attacks often work because the employee takes for granted that the email is genuine. However, a simple phone call to that person, or speaking to them in person, would resolve the situation.
There are many other types of attack that rely on human mistakes, and these can be largely remedied by employees who know what they are doing.
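The phishing entry above describes a link that looks like a genuine page but leads to a copy of a well-known site. As an added illustration (not code from the original article), the Python below scans a constructed email body for links whose visible text, domain spelling or subdomain structure imitates a trusted site. The trusted-domain list, the sample email and every name in it are assumptions made for the example.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: domains the organisation legitimately links to (constructed).
TRUSTED_DOMAINS = {"example-bank.com", "example-payroll.com"}

# Characters attackers commonly swap for look-alike letters.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t", "|": "l"})

# A domain-looking token inside the visible link text.
DOMAIN_IN_TEXT = re.compile(r"(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)")

# Constructed sample email body: one genuine link, one homoglyph domain,
# one trusted name used as a subdomain of an unrelated site, one genuine link.
SAMPLE_EMAIL = """<p>Your account requires verification.</p>
<a href="https://example-bank.com/login">https://example-bank.com/login</a>
<a href="https://examp1e-bank.com/verify">https://example-bank.com/verify</a>
<a href="https://example-bank.com.secure-login.net/auth">Secure login</a>
<a href="https://example-payroll.com/pay">https://example-payroll.com/pay</a>
"""


class LinkCollector(HTMLParser):
    """Collects (href, visible text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable_domain(host):
    """Crude 'last two labels' approximation of the registrable domain."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def normalise(domain):
    """Collapse homoglyphs and hyphens so look-alikes compare equal."""
    return domain.translate(HOMOGLYPHS).replace("-", "")


def levenshtein(a, b):
    """Edit distance, used to catch typosquats such as a dropped letter."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_link(href, text):
    """Return a list of reasons the link looks deceptive (empty means no finding)."""
    host = (urlparse(href).hostname or "").lower()
    dom = registrable_domain(host)
    reasons = []
    # 1. Visible text names one domain, the href goes somewhere else.
    m = DOMAIN_IN_TEXT.search(text.lower())
    if m and registrable_domain(m.group(1)) != dom:
        reasons.append(f"display text says {m.group(1)} but link goes to {host}")
    # 2. The destination is not trusted but resembles a trusted domain.
    if dom not in TRUSTED_DOMAINS:
        for trusted in sorted(TRUSTED_DOMAINS):
            if normalise(dom) == normalise(trusted):
                reasons.append(f"{dom} is a homoglyph lookalike of {trusted}")
            elif levenshtein(dom, trusted) <= 2:
                reasons.append(f"{dom} is a typosquat of {trusted}")
            elif trusted in host:
                reasons.append(f"{trusted} appears as a subdomain of {dom}")
    return reasons


def scan_email(html):
    """Parse an email body and classify every link in it."""
    parser = LinkCollector()
    parser.feed(html)
    return [(href, classify_link(href, text)) for href, text in parser.links]


if __name__ == "__main__":
    for href, reasons in scan_email(SAMPLE_EMAIL):
        print(href, "->", reasons or ["no finding"])
```

The same three checks (text/href mismatch, homoglyph or typosquat domain, trusted name buried in a subdomain) are the ones to teach staff to perform by eye: hover over the link, read the domain from right to left, and compare it with the address they know.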
Why are employees a problem for cybersecurity?
One of the major issues with employees is the fact that they are typically granted such a high level of access to your system. This means that if a cybercriminal is able to breach their account, or find another way in under that identity, they have exactly the same access to the company data as that employee does.
Unfortunately, it is also extremely challenging for businesses to mitigate the risk of a cyber attack if the attacker already has access to the system. So much of cybersecurity software places a focus on keeping out incoming attacks – but there is little that can be done against an attacker who is already in the system.
The importance of threat intelligence
One of the key ways that employees contribute to the overall cybersecurity of a business is in gathering threat intelligence. Threat intelligence is absolutely essential in modern cybersecurity, as companies need to understand the latest threats that they are facing, as well as keeping ahead of the sophisticated techniques being utilised by cybercriminals.
“Understanding the risk that vulnerabilities pose to your organisation is hugely important,” says George Glass of Redscan. “Patching every vulnerability is highly unlikely, so it’s about understanding which poses the greatest threat and ensuring that they are prioritised. Knowing what attackers are going to be performing to compromise your environment is absolutely vital.”
There are many technical sources of threat intelligence that are available to cybersecurity professionals. But in many ways, it is just as important that employees gather intelligence through news sources, social media and more.
How employees help to minimise cybersecurity risk
So, how exactly can employees reduce the risk of cybercrime? Well, it’s actually the case that employees are important across the field and throughout the lifecycle of a cyberattack.
- Sticking to the rules – Organisations put specific rules in place in order to mitigate cybersecurity risk. It is up to employees to ensure that they stick to these rules.
- Detection – Employees play an important role in detecting cybercrime. Being vigilant and being aware of when something doesn’t feel quite right are both important elements that employees need to be aware of.
- Following procedure – Companies must have a plan in place to deal with any kind of cybercrime incident. Employees should understand their specific role and be ready to act accordingly and promptly.
The importance of continuous training
Clearly, it is the case that employees are important for the ongoing cybersecurity of a business. And the way that they can be most effective is by understanding what they need to do, as well as knowing the potential risks and dangers posed. This means that businesses must invest in high-quality training programmes.
Staff cybersecurity training should not be thought of as a one-off event when someone is brought into the business. Staff should have regular cybersecurity training sessions to keep them up to date with the techniques and tactics being used by cybercriminals.
Employees can only be a strong defence against cybercrime if they are allowed to be by the company that they work for. Those employees who are given training and understand their responsibilities will be far more effective than those who think cybersecurity is simply something that the IT department deals with.