Employees are a Potential Weak Link for IoT Security

When security breaches make the headlines, they usually concern malicious hackers or cyber criminals targeting critical data. The reality is, human error is a major factor in security and data breaches. No matter the size or scope of a breach, it is usually linked to an action or failure of someone within the company.

 

According to PhishMe, a phishing threat management company, 91% of cyber-attacks start with a phishing email. Good cyber defences cannot be accomplished through technology alone. Organisations must invest time into training employees to identify and be aware of potential threats, like phishing emails.

 

Employers have an important role to play in teaching their employees about good cyber security practice. Organisations of all sizes, both private and public, are vulnerable to security breaches, with every employee in an organisation representing a potential weak link.

 

It is no longer enough for a business to rely solely on firewalls, anti-virus software and other technical efforts it has in place to safeguard its organisation. With the right awareness and training, all members of staff can learn how to protect their organisation from attacks.

 

Employers should use internal communications to educate employees about what is best practice for cyber security. By implementing a cyber security awareness program companies can effectively combat poor internal security practices, phishing attempts and other cyber threats that can put businesses at risk.

 

Organisations have a growing number of connected devices, which hackers are targeting. Employees need to be made fully aware of how connected devices are part of the Internet of Things and need to understand how they fit into the wider network. They must also be made aware of the potential security threats that are out there and how they can alleviate the chances of a threat becoming a breach. By doing something as simple as regularly updating passwords for example, employees can help protect their organisation from intrusion.

 

Security training can be tailored to individual organisations, and even to departments or individuals within the organisation, so that it is relevant and engaging and delivers positive results in terms of security behaviour. After training staff to identify these attacks, organisations need to regularly monitor their cyber security processes. These should be regularly reviewed and updated and shared with all employees.

 

It is important to get internal communications right as it is a vital way of improving employee engagement and their understanding of security.

 

To find out more about the importance of good security practices please download our report in partnership with Scrutinise Research and Analysis, here:

https://www.ilexcontent.com/addressing-security-in-the-internet-of-things-iot/

 

Posted on 22nd September 2017 in IoT Security

Back to Top