September 21, 2017 By Douglas Bonderud

Malware infections and data breaches are trending upward. In its “State of Malware Report,” security company Malwarebytes reported detecting nearly 1 billion malware payloads in 2016, with ransomware taking the lion’s share at 66 percent of all attacks. Meanwhile, Help Net Security noted that Office 365 account compromises are on the rise as cybercriminals use legitimate-looking phishing emails to trick users and steal their credentials.

The logical conclusion: Cybersecurity threats for small and midsize businesses are driven by active, malicious cybercriminals hell-bent on causing trouble. However, according to a new survey from Keeper Security and the Ponemon Institute, titled “The 2017 State of Cybersecurity in Small and Medium-Sized Businesses,” more than half of IT experts point to another source: employees.

Unintended Consequences of Cybersecurity Threats

Most staff members aren’t trying to expose small and midsize businesses (SMBs) to cyber risk. While it’s possible that disgruntled current employees or ex-staff members could use their credentials to cause havoc, doing so is typically not worth the risk to them.

So what’s happening? Put simply, the consumerization of technology has unintended consequences. Users are now accustomed to having personal device access anytime, anywhere, leading them to leverage insecure cloud apps. Since nearly half of business-critical applications can be accessed via tablets and smartphones, employees may accidentally leak confidential information.

Far and away the most worrisome attack vector is phishing. As noted by the Keeper Security report, 54 percent of SMBs experienced a cyberattack in the past year, and 79 percent of those attacks were phishing efforts.

Recognizing Key Issues

So how do companies solve the problem of staff-based cybersecurity threats? The first step is recognizing key drivers.

A recent poll conducted by Centrify found that bored employees represent the biggest single risk to data security. It makes sense, since staff members who aren’t paying attention won’t catch potential threats.

Another problem is lack of training. Many phishing messages are well-written, contain seemingly legitimate links and may even come from email addresses within the company. Add in the social stress of urgent mail supposedly sent from finance or C-suite leaders, and it’s no wonder employees are willing to click through to compromised sites. Even if they realize something has gone awry, employees may not report the issue to IT for fear of being reprimanded or fired.

Solving the Problem

Solving for employee-sourced cyberattacks isn’t a perfect science. No matter how much SMBs invest in training and education, there’s always the chance of a breach. However, it is possible to significantly reduce total risk.

Start with clear, hands-on training. Teach staff members what a phishing email looks like, then provide real-world scenarios to help spot them. Make it clear that not responding to suspicious emails won’t lead to punitive measures, even if these emails later turn out to be legitimate.

This step is critical. Since SMBs must operate at full capacity to hit revenue targets and stay competitive, employees often feel like they’re better served taking the risk on suspicious emails rather than contacting IT or asking the sender for verification. If management, IT and staff members are all on the same page, however, it’s possible to sidestep most phishing attempts.

Clear mobile device policies are also critical. Since most SMBs will allow employees to use personal devices to boost productivity, IT teams need to hold the line on installing remote-wiping apps and restricting access to files as needed. Offering a corporate virtual private network (VPN) and educating staff members about public Wi-Fi risks can also strengthen the organization’s security posture.

The bottom line is that SMB cybersecurity threats are on the rise, and employees are the source of the problem. Security leaders can limit the chance of compromise with better training, clear policies and management support.
