06 Oct Security Breach – 6 Oct 2023
There’s nothing more dreadful than sitting in a classroom and being taught a subject that doesn’t pique your interest. Granted, everyone understands the importance of security, but they often underestimate how vital maintaining a healthy IT network is or that they may bear any responsibility for that at all. In fact, an estimated 45% of staff say that they don’t need to worry about cybersecurity safeguards because they don’t work in the IT department.
A big reason that employees don’t actively participate or pay attention during a security awareness training session is that the material or approach is about as lively as a flesh-eating zombie on a vegetarian diet. Typical training programs follow cookie-cutter, one-size-fits-all approaches to educating employees. The only way to overcome this challenge is by constantly updating the training material to stay ahead of the game.
But one size doesn’t actually fit all. Different employees have diverse skills and responsibilities in a company, so providing the same training to everyone isn’t ideal. It’s important to be conscientious of each individual’s unique capabilities and shortcomings. Organisations need to customise their security awareness training programs to address the unique threats their departments face and ensure their employees don’t accidentally dig their own graves or fall prey to booby traps.
Understanding the fundamentals of practicing good cyber hygiene is essential for building a strong security culture that reduces cyberattack risk. Security-related risks are reduced by 70% when businesses invest in regular cybersecurity awareness training.
Recent Breaches
United States – Progressive Leasing – Product Leasing Company
Exploit: Ransomware
Risk to Business: Severe: Progressive Leasing announced that it was the victim of a cyberattack last week that took down the company’s systems. The company told the U.S. Securities and Exchange Commission that bad actors stole data including customers’ personally identifiable information including social security numbers. Progressive said that it has engaged a third-party firm to investigate the incident.
United States – McLaren Health Care – Health System
Exploit: Ransomware
Risk to Business: Severe: The ALPHV/BlackCat ransomware gang has added McLaren Health Care in Michigan to its list of victims on its dark web leak site. The group claims to have 6TB of data impacting 2.5 million patients. As part of this attack, McLaren was forced to shut down IT systems temporarily at 14 of its facilities. Hospitals in four states were forced to cancel appointments, divert ambulances and use paper records. The incident remains under investigation.
Talk to a TCT team member today about implementing cyber security and phishing training plan for your employees.
Robert Brown
6/10/2023
Related Articles:
How to Improve Security Without Sacrificing Convenience?
Vulnerability Management