ADVANCE | Building Your Technology Advantage

View Original

Importance of user training in modern cybersecurity

The primary cyber threats faced every day by employees are phishing attacks. Phishing is a form of social engineering used to steal data or compromise usernames and passwords of employees. An attacker will send an email, instant message, text message or social media message impersonating a trustworthy source, such as a reputable business or even another employee.

Their intent is to trick the recipient into clicking on a malicious link to either install malware such as ransomware or provide details which would allow the attacker to gain access to corporate data and circumvent other cybersecurity defences. Once access is established, it is generally a matter of time before a data breach occurs, which can be devastating to a business.

Between 86% and 90% of cyberattacks start with, or involve, users and user behavior. This was found by Kaseya and Cisco.

Business Email Compromise (BEC) attacks, which focus exclusively on exploiting the ‘human factor’ are now the leading cause of cyber-related financial loss for Australian businesses. BEC attacks only account for 7% of all cybercrime, but the average successful attack costs the victim organisation $50,673 (ACSC 2020-2021 cybercrime report)

Also in the cybercrime report, the ACSC found the average costs of each successful cybercrime in Australia to be $8,899 (Small businesses, 1-19 staff), $33,442 (Medium businesses, 20-199 staff) and $19,306 (Large businesses, 200+ staff).

In a separate report, the ACSC found that 62% of SMBs (<200 staff) had been the victim of a cybersecurity incident. These stats make a strong case for cyber risk mitigation investment, and user training is a important pillar of a cyber risk mitigation strategy.

ACSC: Cybercrime reports and average reported loss by organisation size for financial year 2020–2021

Download the whitepaper to read more on how you can ensure your staff are prepared and trained to handle cybersecurity threats.

To discuss cybersecurity protection strategies for your business, leave your details below and an expert will get back to you.

Or call us on +618 8238 6500

See this form in the original post