Think Size Matters to Hackers? It Doesn’t



The largest of organizations aren’t the only ones being hit with cyberattacks. Everyone from the SMB on up is at risk and is actively a target.

David Kennedy, founder of IT security consulting company TrustedSec, recently keynoted at the Accountex 2018 conference about “The Hacking Age” where he spoke to Accountants about attack methods and who’s at risk. Accountants specifically should be concerned with the threat of wire fraud schemes – a threat that is up 340%, according to Kennedy.

He also spoke about the role the size of an organization plays in being a potential victim. Kennedy told the audience that “The size of organization doesn’t matter: Demographics may shift on who wants to target you, but the size of the company does not matter.

This statement aligns with findings from Hiscox’s Cyber Readiness Report, where organizations of every size (shown below) are experiencing cyberattacks.

Hiscox-Cyber-Readiness-Attacks-by-Org-Size

 

Kennedy stated that “Hacking into a large corporation is hard, but hacking an individual is easy. They don’t have the training or expertise to protect themselves.” So, it’s a balance for cybercriminals – an easier hack with a likely smaller payoff, or a tougher hack with a potentially large payoff?

The Hiscox data above makes the case that more larger organizations are being targeted, but given the opportunistic nature of automated phishing attack schemes, Kennedy may be closer to the truth, as larger organizations simply offer more avenues of entry (read: users), but often have better training to thwart off attacks.

Kennedy is on to something big here; his statement that users “don’t have the training or expertise to protect themselves” is so very true. Most users believe because they have Antivirus on their computer, they are protected. But nothing could be further from the truth.

To protect yourself against today’s threats, organizations of every size need to empower users with knowledge around attacks, attack methods, specific examples, and proper responses. This can be achieved with continuous Security Awareness Training.

Kennedy knows all too well how attackers think… and how users don’t. Regardless of your organization size, consider strengthening your security, as today, cyberattack is a question of when, not if.


On-Demand Webinar: How To Fortify Your Organization's Last Layer of Security - Your Employees

Webinars20When it comes to combating the growing number of cyber security threats, most organizations continue to place more trust in technology-based solutions than on training their employees to be more aware of the threat landscape and able to recognize the red flags in cyber breach attempts. Join Erich Kron as he explains the emerging threats, the strengths and weaknesses that users bring to an organization's security culture, and strategies to fortify your organization's last layer of security, your users.

Watch Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://info.knowbe4.com/webinar-fortifying-organization-security

Topics: Cybercrime, Phishing

Subscribe To Our Blog


Phishing & Social Engineering Trends On-Demand Webinar

Recent Posts




Get the latest about social engineering

Subscribe to CyberheistNews