Although employees have historically been seen as an organization’s greatest asset, the latest report from the analyst firm Ponemon cites humans as the weakest link.
According to Ponemon’s 2019 Cost of Cybercrime report, nearly 80 percent of organizations are digitally innovating faster than they can secure these innovations against cyberattacks. That’s a troubling statistic, particularly when the very same report states that it’s employees you should be worried about:
“Whether by accident or intent, many employees are often the root cause of successful cyberattacks.”
With only 16% of CISOs stating they hold the employees in their organizations accountable for cybersecurity today, organizations must take an employee-centric stance on implementing security.
According to the report, organizations should “embed cybersecurity into the fabric of the organization.” To accomplish this, the report advises “training employees to think and act with security in mind.”
Both Security Awareness Training and Phishing Testing are mentioned as essential aspects of a plan aimed at creating a security-minded organization. Continual training can be used to educate the user on why being security-conscious is part of their role in the organization, what kinds of tactics are used in phishing and web-based attacks, and how to identify potentially malicious content on the web and in email.
As organizations continue to innovate, it’s critical to recognize the security deficiencies that innovation creates and to empower employees, as one of the only constants in an ever-changing business landscape, to participate in the organization’s security strategy.