Total Security Advisor
Practical Security Tips, News & Advice.
Updated: Jan 24, 2023
Despite the well-known impacts of cyber breaches—whether financial, operational, or reputational—companies continue to suffer from crippling cybersecurity attacks year after year. In 2021, the number of data compromises increased by 68% from the year before.
A single successful breach can have a devastating financial impact on an organization. A data breach in the U.S. costs over twice the global average, with the average cost reaching nearly $9.5 million in 2022.
Regardless of industry, size, or location, any organization can become a target for cybercriminals, especially as the threats evolve and become more complex. While technological safeguards are important tools for prevention and response, 82% of breaches involve human error.
The reality is that employees are the first line of defense in any business, and their awareness of cyber threats and understanding of preventative measures can make all the difference.
To better understand the current level of security awareness among American workers, we at Fortra’s Terranova Security commissioned research in partnership with IPSOS to uncover the perceptions that U.S. employees have around cybersecurity within their companies, as well as their role in the process.
We found that the level of concern among employees for company data was alarmingly low. More than a third say they have little-to-no concern about data theft at work, and one in five Americans believe they can’t be targeted at all by cybercriminals.
This should raise some concerns for business leaders. Not a week goes by without a headline about a ransomware attack halting operations at a business, or more threats from cybercriminals to release sensitive and personal data on the Dark Web.
You can have the most powerful, cutting-edge security technology in the world, but if people aren’t aware of the risks, or aren’t clear on the impact that a breach can have, company information is at risk.
While the research uncovered some concerning findings, it also provided some answers on how businesses can turn perceptions around.
First, better communication is needed from businesses. There’s a lack of understanding among employees regarding the important role they play in protecting information. More than three-quarters of employees in the U.S. think it’s solely the IT department’s job to protect company data, even though most breaches stem from human error. By communicating and re-enforcing the message that each person plays an important role in data and system protection, companies will take a simple but powerful step toward being more secure.
This leads to the importance of education and culture. Employers grant their staff access to technology and other digital assets, and they have a responsibility to educate their staff on the risks associated with those technologies. We can not simply assume the users of technology have been previously informed on the threats and how to recognize them.
In our research, only 41% of employees say they work in a company where cybersecurity awareness training is mandatory and nearly a third say their company doesn’t offer any at all. Clearly, much more can be done to support and educate employees about cyber threats.
Employees are open to training, too—77% believe cybersecurity training is interesting, and 57% have started or completed the training when it’s offered to them.
It’s imperative for businesses to prioritize educating and training their people about the looming cyber threats to mitigate the human risk factor. Over time, regular training will change employee behaviors and build a culture of security awareness at all levels within the company—one where the mindset of protecting sensitive information is always front and center for everyone, from the most senior executives to the most junior employees.
Once you have this culture developing, along with well-informed employees who understand the importance of data security, you have a strong line of defense against any cyber threat.
Theo Zafirakos is CISO of Fortra’s Terranova Security.
Download this free report to learn seven steps to protect your facility from workplace violence.
This report is sponsored by the Total Security Summit, an event specifically organized for VPs, Directors, and Managers of Security who are directly concerned with their facility’s security and safety operations.
The Security Industry Association (SIA) announced a major milestone in its SIA OSDP Verified initiative – that over 100 device models have been named OSDP Verified through the comprehensive program, which validates device conformance to the SIA Open Supervised Device Protocol (OSDP) standard. SIA OSDP standard is an access control communications protocol standard maintained by SIA to improve interoperability, add […]
GXO Logistics, Inc., the world’s largest pure-play contract logistics provider, announced that it has deployed advanced air and ground security robotics at one of its major distribution centers in Clayton, Ind., and plans to significantly increase deployment of automated security systems across other sites within the next year. This would be the largest air and […]
The Security Industry Association (SIA) is pleased to announce the first members of its Utilities Advisory Board Steering Committee. SIA created the Utilities Advisory Board to offer insight and education to security practitioners, members of the security industry and other stakeholders about emerging security trends, regulatory compliance issues, and recommended practices for protecting utility infrastructure. The steering committee members, […]
SILVER SPRING, Md. – The Security Industry Association (SIA) has named Alice DiSanto the 2022 recipient of the SIA Committee Chair of the Year Award, which recognizes individuals for excellence in leading SIA committees and advancing member objectives. SIA will present DiSanto with the award at The Advance, SIA’s annual membership meeting, which will be held March 22 during […]
ISC West, in collaboration with premier sponsor Security Industry Association (SIA), continues to experience steady growth for the upcoming event, and will be taking place just less than two months away on March 22-25, 2022 at the Venetian Expo in Las Vegas (SIA Education@ISC: March 22-24 | Exhibit Hall: March 23-25). After initial reports of […]
Our world is full of threats both external and internal. This whitepaper encourages looking at life safety and security measures on your campus from another perspective. Most facilities have addressed access control and the securing of main doors, but those should be measures of last resort. There are steps you can take — some that you may not have considered — to mitigate the threat before it arrives at your front door.
The 2019 Total Security Salary Guide is here to help physical and technical security employers and employees understand where they stand in today’s security job market. This Salary Guide includes not only salary and wage data from 2017 to 2018, but also certification information as it applies to 20 benchmarked exempt and nonexempt security positions.
A proliferation of cameras has resulted in an overwhelming amount of video available to security operators, analysts and investigators. Technology that used to be prohibitively priced, is now cheap and readily accessible.
Learn how to protect your people, assets and physical spaces better with AI-powered solutions that deliver whole-building security.
