This year saw the highest average cost of a data breach, rising to $4.24 million from $3.86 million in 2020.
The cost jump likely is connected to the recent increase in remote workers, which, while good for employee satisfaction, complicates security.
According to IBM’s annual report, not only did remote breaches take longer to contain (by 58 days), they also cost upward of a $1 million more in damages—from detection and crisis management to victim assistance and lost business. When personally identifiable information (PII) gets into the wrong hands, organizations may lose customer trust, accrue fines, or even face legal consequences.
Who are the main security breach culprits?
Stolen credentials and comprised business emails.
While your CTO may integrate the most cutting-edge cybersecurity technology, your employees’ work habits are crucial to keeping data safe.
New attack methods arise every day, each one more subtle than the next. Sure, some employees may fall victim to a suspicious attachment, but sly scammers are now leveraging information from social sites like LinkedIn and can reach out directly to employees from what appears to be their manager’s email address.
It requires an eagle eye and vigilant spirit to stave off cyber criminals.
If you’re a C-level executive, it’s time to make cybersecurity training priority one throughout your organization. Creating a culture of caution starts at the top.
While annual training is a good start, a once-a-year obligation is just too easy for employees to check off and then revert to old habits. Some organizations even initiate practice attacks to familiarize their staff on phishing and social engineering scams.
Businessolver’s Chief Engagement Officer, Marcy Klipfel weighs in, “Training shouldn’t stop after onboarding. Encourage your IT department to get creative to keep staff on their toes by sending out the occasional mock phishing email. Those who click any malicious links will be directed to a message about the importance of staying vigilant over email. This can be a lighthearted way of keeping employees aware and ensuring that their cybersecurity knowledge is up-to-date.”
Attackers rely on a single moment of human error; just one errant click can compromise data.
No news is good news.
Security breach headlines are commonplace. But no one publishes stories about attacks that were fended off by gateways, antivirus software, and human acumen. Business as usual is boring for media, but exhilarating for your IT team. Ultimately, cybersecurity training trumps technological innovation.
October is Cybersecurity Awareness Month and we’ve created a toolkit for you, Password Protected. Inside you’ll find tips, resources, and expert guidance to upgrade your security strategy.