We hear about large businesses being breached on a regular basis. These are large firms with big budgets that spend lots of money on cybersecurity, yet the hackers are still getting through. If they can break into large businesses with strong fortification, they will be even more successful with SMBs — essentially, easier targets.
You can’t rely only on technology alone to prevent a data breach. People are the weakest link in the cybersecurity chain and if you businesses is vulnerable then take look at your security awareness training program. Training your people is key to any defense in depth strategy and one of the three pillars of cybersecurity — people, process, and technology.
According to Gartner, people influence security far more than any technology or policy.
- 93% of successful data breaches start with a phishing attack
- 30% of recipients open phishing messages
- 95% of all attacks are due to human error — typically coming in via a user’s inbox
- 70% of executives paid to resolve ransomware hacks
- 50% become unprofitable within one month of a phishing attack
- 36% of businesses attacked lost money
- Phishing testing has proved to be effective at diminishing the success of phishing attacks
Many industries, including the financial and health care industries, acknowledge that people are the weak link in the cybersecurity chain and are putting regulations in place for security awareness training. When firms are audited, they will ask for records that security awareness training was conducted.
“Clients that treat security education as an inherently unproductive investment are a diminishing group, and the overall market is increasingly focused on security education that is proven to be effective and efficient at driving enterprise security performance,” according to Gartner.
ACE IT Solutions provides organizations with security awareness training and simulated phishing solutions to mitigate the risks of these inadvertent internal cyberattacks. To boost your cybersecurity posture, contact ACE IT Solutions at 646.558.5575 and ask about getting started with our phishing testing and security awareness training program.