Stuart O'Brien, Author at Security IT Summit | Forum Events Ltd

  • Covid-19 – click here for the latest updates from Forum Events & Media Group Ltd

Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd

Posts By :

Stuart O'Brien

McAfee on cybersecurity for the ‘new normal’ while managing the skills gap

 960 640 Stuart O'Brien
By:
0
0

Cybersecurity is now in the midst of an unprecedented challenge. While the scale, complexity and financial impact of data breaches and cyber attacks continue to increase, the pool of skilled professionals to fill security roles is dwindling.

According to research in March from the Department for Digital, Culture, Media and Sport, approximately 653,000 (48%) businesses have a basic skills gap, which means that those in charge of cybersecurity at those organisations lack the confidence to carry out the tasks laid out in the Government-backed Cyber Essentials scheme and do not have external support to do so. 

In practice, this means that almost half of UK businesses are unable to tackle the cybersecurity basics, such as setting up firewalls, storing or transferring personal data and detecting and removing malware. A further 408,000 organisations have “more advanced skills gaps”, covering areas such as penetration testing and security architecture.

Being unable to recruit skilled talent is simply exacerbating this problem, with employers identifying 35% of their security vacancies in the last three years as “hard to fill”.

Security teams are now being tasked with greater responsibility than ever, including getting entire workforces mobilised to work from home efficiently and securely, while battling a changing threat landscape. In light of the challenges they face today, it is more important than ever to take an intelligent, cloud-native approach to endpoint security.

We spoke to Adam Philpott, EMEA president at McAfee, about ways of managing the skills gap without compromising on security…

What can be done to tackle the skills gap issue in cybersecurity?

“To tackle such a complex issue requires both “top-of-the-funnel” intervention and investment from government organisations, but also collaboration across the cybersecurity industry and concrete measures from companies themselves.

“We can try to bring talent in further down the line, for example training employees later in their careers, but ensuring we have more talent available in the first place is essential. That is why nationwide investments in training in the technology sector, such as the establishment of a new UK Cyber Security Council to provide a framework for cybersecurity qualifications, are crucial and instrumental to closing the widening skill gap.

“However, there’s much that individual businesses can do to tackle the issue at their level, including implementing initiatives (whether it’s in collaboration with others in the industry or on their own) to promote greater diversity and attract more talent. For example, at McAfee we are targeting talent from outside of IT and security for many roles – an approach that requires thoughtful support mechanisms for onboarding and ongoing development.”

How much of an impact is a lack of diversity having on the wider skills gap, and how can it be combatted?

“A lack of diversity in recruitment processes, often coming through unconscious bias, means that businesses are missing out on large parts of the talent spectrum. This leads to slower progress in tackling the technical skills gap currently facing the industry.

“Building diverse teams should be a no-brainer for businesses, as doing so has clear benefits – from boosting creativity to achieving greater financial success. Companies in the top quartile for gender diversity are 15% more likely to have financial returns above their respective national industry medians, as well as benefitting from a wider bank of perspectives and expertise to draw on. Above all, diversity in the workforce is attractive to new talent and leads to better problem solving as well as improved service for customers of all backgrounds and perspectives.

“When working to combat the skills gap, companies should aim to weave diversity into every single process, programme and initiative. In practice, this means constantly thinking about different ways to access a more diverse talent pool, such as implementing flexible working practices. Alongside this, it’s important that companies are addressing the problem in the recruitment and interview processes, to ensure that hiring is as fair as possible. For instance, if an organisation is looking to recruit a better balance of men and women, it could change the wording in job adverts to make them more gender neutral or ensure that there is at least one woman on every interview panel making a recruitment decision on a candidate.”

How can organisations ease the burden on stretched IT teams without compromising on security?

“The average IT department manages thousands of endpoints, from desktops to IoT devices and everything in-between. Unfortunately, many security solutions simply dump too much information on stretched security teams and rely on senior analysts to investigate threats. When the skills gap issue is factored in, this can lead to serious holes in an organisation’s security posture.

“During the last few months of Covid-19 and the shift towards remote working, many businesses have been forced to accelerate a process of digitization, which in turn gives rise to two dimensions of complexity. Firstly, the infrastructure complexity that comes with more devices being connected and more cloud services being consumed. All of this needs protecting within the security OpEx envelope.

Secondly, there’s the security complexity, where a fragmented (or “best of breed”) solution weakens an organisation’s overall security posture. Both of these complexities put an undue burden on talent, exacerbating the ongoing skills gap issue.

“Some businesses look to outsource their threat detection and analysis, but in essence this only shifts the need for experts from one business to another. Rather than take this approach, organisations need to invest in the right cloud-native tools that identify and contain threats, but also help to upskill more junior staff and lighten the load for employees.

“Integrated solutions monitor and collect activity data from endpoints that could point to a threat, providing the visibility and context needed for security personnel to act. By analysing the data to identify threat patterns, its AI-driven response capabilities can automatically remove or contain threats and notify analysts, while the forensics and analytics tools hunt for identified threats and suspicious activities.

“Automation plays a key role here, handling a high volume of low intellect threats, which frees staff up to focus on higher-value work. By trusting in automated investigation, organisations can reduce alert noise and set up processes which enable staff to do more with less. This is vital for the business to maintain a consistently strong security posture, while allowing human personnel to focus on tasks that do more than just keep the lights on.”

One million scam emails reported to NCSC

 960 640 Stuart O'Brien
By:
0
0

An influx of cryptocurrency investment scams is among a range of online threats which have been blocked as a result of more than 1 million suspect emails being reported by the public in just two months.

More than half of the 10,000 online links to scams blocked or taken down by the National Cyber Security Centre (NCSC) with the help of the public relate to cryptocurrency schemes, where investors are typically promised high returns in exchange for buying currency such as Bitcoin.

The scams have all been detected since the launch in April of the Suspicious Email Reporting Service, a tool which allows the public to forward suspect emails which may link to fraudulent websites.

The service, which was launched as part of the Government’s Cyber Aware campaign, has received a daily average of 16,500 emails and has now reached the milestone of one million.

While cryptocurrency scams – which cost the public millions of pounds annually – have been the main scam detected, there have also been numerous examples of fake online shops and spoofs involving brands such as TV Licensing, HMRC, Gov.uk and the DVLA.

NCSC Chief Executive Officer Ciaran Martin, said: “Reaching the milestone of one million suspicious emails reported is a fantastic achievement and testament to the vigilance of the British public.

“The kind of scams we’ve blocked could have caused very real harm and I would like to thank everyone who has played their part in helping make the internet safer for all of us.

“While it’s right that we should celebrate reaching this milestone, it is important for all of us to remain on our guard and forward any emails that don’t look right to report@phishing.gov.uk.”

Digital Secretary Oliver Dowden, said: “We are committed to making the UK the safest place to be online and are working tirelessly to defeat cyber criminals.

“I urge everyone to continue reporting suspicious emails and follow our Cyber Aware campaign top tips for staying secure online alongside our worl-leading National Cyber Security Centre advice.”

The Suspicious Email Reporting Service was launched as part of the Cyber Aware campaign, which promotes protective behaviours to keep your online accounts and your devices as secure as possible.

To use the reporting service, people are asked to simply forward suspect emails to report@phishing.gov.uk. If they are found to link to malicious content, it will be taken down or blocked, helping prevent future victims of crime.

Latest figures show that 10% of the scams were removed within an hour of an email being reported, and 40% were down within a day of a report. 10,200 malicious URLs linked to 3,485 individual sites have been removed thanks to the 1 million reports received.

The Suspicious Email Reporting Service was co-developed with the City of London Police. As well as taking down malicious sites it will support UK policing by providing live time analysis of reports and identifying new patterns in online offending – helping them stop even more offenders in their tracks.

Attend this November’s Security IT Summit in person or virtually!

 960 640 Stuart O'Brien
By:
0
0

November’s Security IT Summit will be taking place as a hybrid event, giving the you the choice of attending in person or remotely using our best in class online meetings platform.

November 5th, Hilton London Canary Wharf

Each delegate place is entirely free and includes benefits such as;

  • Flexibility – Your attendance is flexible, you can either attend for half a day or the full day.
  • LIVE Seminars – Attend LIVE topical seminar sessions led by industry thought leaders and gain access to additional industry webinars.
  • Industry Webinars – As well as the seminars, your pass gives you access to additional industry webinars, relevant to your role.
  • Personalised Itinerary – We can build you a bespoke itinerary of relaxed, 1-2-1 meetings with innovative and budget savings suppliers who match your requirements.
  • Save time – We will handle everything for you, by arranging all your personalised meetings prior to the event based on your requirements, all you need to do is arrive and enjoy.

5th November 2020 – Click here to secure your free place

McAfee advocates shared responsibility for cyber security in manufacturing

 960 640 Stuart O'Brien
By:
0
0

McAfee’s latest Cloud Adoption and Risk Report revealed that between January and April 2020, enterprise use of cloud in the manufacturing industry spiked by 144%, compared to the average overall enterprise increase of 50%.

Likewise, external attacks on cloud accounts increased by 630%, with manufacturing verticals seeing a 679% increase in threats, making it one of the most affected sectors.

A previous report from McAfee – Grand Theft Data II – The Drivers and Shifting State of Data Breaches – revealed that IT security professionals across all sectors, including manufacturing, are still struggling to fully secure their organisation and protect against breaches, with 61% claiming to have experienced a data breach at their current employer

The firm says data breaches are getting more serious and are under greater scrutiny – nearly three-quarters of all breaches have required public disclosure or have affected financial results.

One major issue highlighted in the report is that security technology continues to operate in isolation, with 81% reporting separate policies or management consoles for cloud access security broker (CASB) and data loss prevention (DLP), resulting in delayed detection and remediation actions.

Mo Cashman, Principle Engineer at McAfee, has outlined key issues with this approach and how they can be addressed:

Why is collaboration and shared responsibility important for improving overall governance in the manufacturing industry?

“We often see blurred lines when it comes to responsibility for data security, cybersecurity and compliance in the manufacturing space. Unfortunately, lack of clarity about who owns what as part of a shared responsibility model means Information Technology (IT) and Operational Technology (OT) convergence is increasing cyber risk. For example, IT systems are used on the OT side, giving OT teams some level of responsibility for managing data security and governance. However, a combination of differing systems and policies as well as lack of transparency between teams can make it challenging to manage security as a whole. This challenge is further compounded because shared responsibility must also factor in the supply chain, and suppliers often bring their own security controls into the mix through the installation of their own devices. 

“By implementing a shared responsibility model, teams can come together and create full visibility of who is responsible for each piece of the puzzle – for example, handling security at system and programming levels. This can ensure that the right controls are adopted where they are needed, while providing an encompassing view of security systems across the organisation.  

“With a collective understanding of risk and responsibility between IT, OT and the supply chain, organisations are moving their security posture and data governance up one level. A good example of this already in practice is the cloud: as organisations become increasingly aware of their role in the shared responsibility model to secure the cloud, they are becoming more aware of their risk levels and able to manage these more effectively.” 

What are the potential consequences for manufacturers that fail to implement  a shared responsibility model across IT/OT/supply chain?

“Failure to adopt a shared responsibility model across IT, OT and the supply chain can leave manufacturers with unnecessary expenses, higher risks and weakened security. From a cost perspective, organisations could be paying for additional but unnecessary security licensing and monitoring. Without clarity on which tools are already in use across IT and OT teams, organisations will not only face challenges with interoperability but they’ll risk doubling up on tooling and training costs. Instead, taking a more holistic approach of the organisation as a whole will enable IT and OT teams to decide where responsibility lies and lower costs. For instance, OT teams have very specific requirements and expertise. While overall monitoring to collect and understand data might sit with IT, OT can layer on context for specific alerts based on their expertise. Taking a collaborative approach where everyone’s responsibility is clear will enable organisations to streamline processes and limit unnecessary costs.

“Ultimately, a key consequence of failing to adopt a shared responsibility model is a higher level of risk and poorer overall security. Without clear dividing lines on responsibility and a collaborative approach, IT will not have the comprehensive view of systems required to keep track of all data and potential threats. As a result, pockets of vulnerable systems are likely – falling through the cracks between teams. Limited visibility means limited security. 

“This security issue is compounded in the manufacturing sector as the type of vulnerabilities impacting IT systems are often very different to those impacting OT. While lots of research exists around IT threats, less research is available on the OT side. Given that OT systems are usually lightweight and could be prone to damage if too much traffic is thrown at them, vulnerability discovery can be challenging. The combination of limited research and levels of system vulnerability which are harder to uncover means manufacturers can easily find themselves exposed to cyberattacks if a shared responsibility model is not employed.” 

What current factors are driving manufacturing organisations to reconsider their current set-up and move to a shared responsibility model?

“Faced with uncertainty and confusion about what the ‘new normal’ will look like has meant business leaders are thinking about resilience more than ever. In doing so, they’re considering their enterprise as a whole – moving away from a more siloed view. For manufacturers, future resilience depends on their systems remaining up and, importantly, secure. This requires business leaders to think more closely about the role that people, process and technology play. When considering a return to normality, organisations are wondering how they would deal with cybersecurity challenges if staff are working remotely, or how they could operate more flexibly to adjust as restrictions ease and tighten in response to the rate of virus transmission in future. Taking this holistic view of the whole organisation inevitably starts to break down barriers between teams and puts the shared responsibility model front and centre.”

What benefits will shared responsibility bring to the future of the manufacturing space?

“Firstly, shared responsibility allows manufacturing organisations to leverage expertise where it lies. For example, while IT teams have a centralised view and understanding of IT risks, they should collaborate with OT teams for industry context as required. Collaboration here will allow for quicker identification and investigation of alerts, reducing response time as teams both detect and mitigate threats more quickly.

“In the manufacturing sector particularly, safety is an important benefit of adopting a shared responsibility. Improved security, via a shared responsibility model, will help teams to uncover security risks before they have major consequences for customers. What’s more, if OT, IT and the supply chain work together, teams will be able to identify new security boundaries and reduce future risk.”

McAfee has also outlined practical steps that manufacturers can take:

·       Elect a governance committee. Creating a committee that includes individuals across IT, OT and the supply chain is vital. It can remove silos and provide a consolidated view of risk across the business as a whole. 

·       Conduct regular audits. Running audits across both IT and OT is key to ensuring visibility across systems, as well as opening doors to question processes and systems. What systems are out there? Who are the suppliers? What SLAs/security contracts are in place? Through these audits, teams can identify risks, kick-start contractual discussions with suppliers and agree the process to mitigate vulnerabilities before they occur.  

·       Start with monitoring. Increasing overall levels of monitoring will provide greater visibility. This monitoring should go hand-in-hand with implementing threat detection capabilities and the response plans that go with them. Ultimately, response times can be reduced if IT and OT teams understand their roles and responsibility in the process. 

·       Asses the overall security architecture. Fostering a more holistic view of the current enterprise set-up and how this maps with existing security standards is crucial. If IT and OT teams use different models to meet different criteria, manufacturers should aim to bring these models together into one consolidated enterprise view of cyber risk. 

·       Create a security awareness programme. By implementing a security awareness and readiness programme, organisations can ensure that all teams are educated on security procedures and are actively involved in maintaining them. This programme should include everyone from end users to OT engineers, and all the way up to executive level, in order to ensure that all areas of the manufacturing process are covered.

Security IT Summit

New virtual B2B events from Forum

 960 640 Stuart O'Brien
By:
0
0

Forum Events and Media Group, organiser of face-to-face meetings-based events like the Security IT Summit, is launching a series of new Virtual Forums.

For over 20 years Forum has been bringing together procurement decision-makers with suppliers for pre-arranged meetings and networking at its Forums and Summits. These events have generated £millions of new business agreements between buyers and suppliers over the years.

With live events unable to take place for the foreseeable future due to the COVID-19 pandemic, Forum has expanded its cutting-edge proprietary software to create a new interface with live video meetings. This has allowed the company to create a virtual Forum platform, taking the events experience virtual. It will allow procurement executives to source new solutions, and give suppliers the opportunity to discover new clients – and ultimately, keep industries talking.

“During this unprecedented time, we have chosen to redirect our focus from live events to virtual so that we can still deliver expectations to our supporting exhibitors and create a platform to meet with high calibre decision makers face-to-face,” explained Forum Events and Media Group MD Sarah Beall.

“We cannot wait to welcome attendees back to our live events from September and have implemented a COVID-safe risk assessment at all our venues, ensuring the two-meter rule throughout, introducing temperature check and reduced numbers, but still creating the same professional and informal atmosphere of buyers and suppliers.”

“We are prepared and ready to kickstart our Forums from this month across four industries via our virtual platform. And we will continue to serve industries’ supply and demand by holding hybrid live and virtual events that are COVID-safe throughout the coming months.”

The first four virtual meeting events from Forum Events and Media Group will be:-

  • Total Security Summit – June 29th
  • Security IT Summit – June 30th
  • eTailing Summit – July 6th
  • Digital Marketing Solutions Summit – July 16th

Forum Events and Media Group is working alongside other UK events industry to promote the #GetBritainMeeting initiative aimed at kickstarting the events sector in a safe and sustainable way. The events industry employs some 700,000 people across the UK and contributes over £70 billion to the UK economy every year.

Do you specialise in Authentication solutions? We want to hear from you!

 960 640 Stuart O'Brien
By:
0
0

Each month on IT Security Briefing we’re shining the spotlight on a different part of the cyber security market – and in July we’re focussing on Authentication solutions.

It’s all part of our ‘Recommended’ editorial feature, designed to help IT security buyers find the best products and services available today.

So, if you’re an Authentication solutions specialist and would like to be included as part of this exciting new shop window, we’d love to hear from you – for more info, contact Chris Cannon on c.cannon@forumevents.co.uk.

Here’s our full features list:

Jul – Authentication
Aug – Penetration Testing
Sep – Vulnerability Management
Oct – Employee Security Awareness
Nov – Malware
Dec – Network Security Management

Security IT Summit: Claim the last delegate place!

 960 640 Stuart O'Brien
By:
0
0

We only have one place remaining for this month’s virtual Security IT Summit – we will be closing registrations for the event this week!

Our final bespoke place is entirely free and includes benefits such as;

  • Flexibility – Your attendance is flexible, you can either attend for half a day or the full day.
  • LIVE Seminars – Attend LIVE topical seminar sessions led by industry thought leaders and gain access to additional industry webinars.
  • Industry Webinars – As well as the seminars, your pass gives you access to additional industry webinars, relevant to your role.
  • Personalised Itinerary – We can build you a bespoke itinerary of relaxed, 1-2-1 meetings with innovative and budget savings suppliers who match your requirements.
  • Save time – We will handle everything for you, by arranging all your personalised meetings prior to the event based on your requirements, all you need to do is arrive and enjoy.

Monday 29th June – Click here to secure your free place

Unmanaged personal devices at home threatening corporate security

 960 640 Stuart O'Brien
By:
0
0

More than half of UK employees working remotely during lockdown use unmanaged personal devices to access corporate systems.

That’s according to a study published today by CyberArk, which found that UK employees’ work-from-home habits – including password re-use and letting family members use corporate devices – are putting critical business systems and sensitive data at risk.

The survey, which aimed to gauge the current state of security in today’s expanded remote work environment, found that:

  • 60% of remote employees are using unmanaged, insecure “BYOD” devices to access corporate systems. 
  • 57% of employees have adopted communication and collaboration tools like Zoom and Microsoft Teams, which have been the focus of highly publicised security flaws

Working Parents Compound the Risk

The study found that the risks to corporate security become even higher when it comes to working parents. As this group had to quickly and simultaneously transform into full-time teachers, caregivers and playmates, it’s no surprise that convenience would outweigh good cybersecurity practices when it comes to working from home. 

  • 57% insecurely save passwords in browsers on their corporate devices
  • 89% reuse passwords across applications and devices
  • 21% admitted that they allow other members of their household to use their corporate devices for activities like schoolwork, gaming and shopping. 

Are Current Work-from-Home Security Policies Enough?

While 91% of IT Teams are confident in their ability to secure the new remote workforce, more than half (57%) have not increased their security protocols despite the significant change in the way employees connect to corporate systems and the addition of new productivity applications.

CyberArk says the rush to onboard new applications and services that enable remote work combined with insecure connections and dangerous security practices of employees has significantly widened the attack surface and security strategies need to be updated to match this new dynamic threat landscape. This is especially true when it comes to securing privileged credentials of remote workers, which, if compromised, could open the door to an organisation’s most critical systems and resources.

“Major socio-economic events have always led to a sharp uptake in cyber incidents. The WHO has warned of an exponential increase in attacks due to the global and unprecedented nature of the ongoing health crisis, and its transformative impact on the way we work. With the accelerated use of collaboration tools and home networks for professional purposes, best-practice security is struggling to keep pace with the need for convenience which, in turn, is leaving businesses vulnerable”, said Rich Turner, SVP EMEA, CyberArk.

“Responsibility for security needs to be split between employees and employers. As more UK organisations extend remote work for the longer term, employees must be vigilant. This means constantly updating and never re-using passwords, verifying that the operating system and application software they use are up to date, and ensuring all work and communication is conducted only on approved devices, applications and collaboration tools. Simultaneously, businesses must constantly review their security policies to ensure employees only have access to the critical data and systems they need to do their work, and no more. Decreasing exposure is critical in the context of an expanded attack surface.”

Claim your virtual place at the Security IT Summit!

 960 640 Stuart O'Brien
By:
0
0

Have you secured your virtual place at this month’s Security IT Summit on Tuesday 30th June? Your attendance is entirely flexible and will allow you to source budget-saving and innovative solution providers to prepare for every eventuality – Plus, you can enjoy all the benefits of the event from the comfort of your own home.

Simply RSVP here to secure your place.

We’ve been thinking of you as we navigate through these uncertain times, we are feeling it too. So we wanted to share a way to help keep business relationships going.

By attending the virtual Security IT Summit you’ll still get the same benefits as the physical event, namely meeting 1-2-1 with industry suppliers matched to you and your upcoming projects via our interactive and real time video events platform.

You’ll also have maximum flexibility too, with options to attend for either a full or half day, plus full access to a series of educational webinars hosted by industry thought leaders.

The virtual Security IT Summit will take place on June 30th – You can register here for your place today!

Transitioning to Secure Remote Working During and Beyond COVID-19

 960 640 Stuart O'Brien
By:
0
0

By Steve Law, CTO, Giacom and Sébastien Gest, VadeSecure

Organisations of all sizes that typically work in office environments have been thrown into the deep end due to the Covid-19 outbreak. Social distancing measures and restricting unnecessary travel has meant that a majority of companies had to unexpectedly revert to remote working. Many of these businesses quickly realised that they weren’t ready for this digital transformation, with recent research suggesting that UK firms are among the world’s least prepared for home-working.

With 25% of businesses having no crisis plan in place and 55% of employees having little to no experience of working from home, organisations have had to revise their working practices to be able to conduct their work digitally and remain effective. Technology plays a key role in enabling remote work, but many organisations did not have this planned in advance, and subsequently, are at a disadvantage due to their current inadequate technology solutions and infrastructure in place. This can lead to significantly increased security risks and concerns, as Steve Law, CTO, Giacom and Sébastien Gest, VadeSecure, explain.

Workplace Challenges

Workforces may not have access to the necessary devices from their homes such as work laptops, the correct video conference solutions or collaboration tools in place to perform their role. As a result, employees who are working from home will have to do so from their own devices. This ‘Bring Your Own Device’ (BYOD) phenomenon creates a security concern as not all personal electronic devices will have the correct level of security installed on them – the software may not be up to date, they may have an older version of Windows installed or no antivirus software available.

This creates an issue for both the consumer and the professional, as the same credentials are often used across multiple accounts at the same time. Hackers’ creativity is limitless and is becoming more sophisticated over time. Vade Secure has seen a shift in cyber criminals’ strategies, changing from attacking individuals with ransomware to instead using these individuals as a backdoor to gain access to corporate networks, and there is no better opportunity to do this than via individuals using their personal devices from home. However, by implementing the correct software and security solutions across all employees’ devices, these risks can be mitigated. 

Evolving threats 

The number of cyberattacks has continued to increase over time, with up to 88% of UK companies being targets of breaches in the last 12 months. However, hackers are taking advantage of the current coronavirus situation by sending phishing emails purporting to be PPE suppliers or medication. Recent statistics have found that since January 2020, there have been over 4,000 coronavirus-related domains registered globally, with 3% found to be malicious and 5% suspicious. These results heighten the importance of ensuring your workforce are securely remote working.

Over the last three months, as the coronavirus outbreak has unfolded, Vade Secure has seen a surge in spear-phishing and malware activities. Examples of this which have been found include capitalising on psychological aspects of the victims, including Covid-19 charity campaigns, fake mask and sanitiser suppliers, as well as stock and medications for purchases which don’t exist.

With 91% of cyber attacks using emails as their first vector, it’s more important than ever to ensure that your employees have a secure email network in place. No organisation is immune to the threat and companies which don’t have the right security software in place need to act now before it’s too late. By adding these security elements, companies can benefit from detecting and blocking features and using Artificial Intelligence to secure their networks and become notified when a non-legitimate email appears.

Securing the weakest link  

Often, the weakest link of an organisation is the employee, as 88% of UK data breaches are caused by human error. Employees are not security experts and can fall foul to phishing scams if they don’t have the right level of education or awareness. When working from home, your workforce is under more pressure to work both faster and harder, which can lead to mistakes being made. Staff members don’t have the time to check every email before they open them, but this one click can make all the difference.

Instead, by educating employees and making them more vigilant, they will be able to spot scams and cyber attacks before the damage is done. Combined with the right security software that uses techniques such as alert ‘pop-ups’ to prompt users to check emails before clicking on links, for example, the workforce will become more aware of the signs to look out for. By enabling users to make an informed decision about the nature and legitimacy of their email before acting on it, organisations can now mitigate against this high-risk area.

Conclusion

In order for organisations to limit the number of insider data and security breaches,  particularly when working remotely, it’s crucial for employees to understand the role they play in keeping the company’s information secure. By preparing in advance and having a secure contingency plan in place which provides employees with the necessary devices and security, companies will be in a stronger position to defend their systems against hackers. In addition to this, supporting employees with training will allow workforces to understand the evolving risks they face, and how to keep their information and systems secure.