CYBER SECURITY SPENDING ON THE RISE
National Cyber Security Awareness Month (NCSAM) has been observed each October in the US since 2004. With the support of the Department of Homeland Security and the National Cyber Security Alliance, the campaign aims to identify potential online threats while also offering advice on how to mitigate user exposure. Cyber security spending is on the rise with approximately USD100 billion spent globally in 2018 as a result of increased awareness through such campaigns as NCSAM.
Phishing is among the most prominent cyber threats and, according to a 2018 Wombat Security report, 76% of organisations stated they had experienced a phishing attempt in 2017. Such social engineering attacks use human interaction to obtain or compromise information about an individual user, business or company and their computer systems. Attackers often pose as a verified and trusted entity; requesting personal information via email to gain access to private accounts or infiltrate a network. The breaches in phishing attacks occur when users inadvertently submit confidential information, and even large multinationals are not immune. Facebook and Google reportedly sustaining loses of USD100 million during 2017 after employees paid fraudulent invoices.
Other phishing attacks include malware attachments to emails which, once downloaded, can steal personal or financial details stored on the device. These breaches can have a decisive financial and reputational impact, with consumers potentially limiting their interactions with a business while many will opt to use an alternate service. However, it is not only businesses that are the targets of such attacks. On 4 October 2018, Dutch, UK and US officials accused Russia’s GRU intelligence service of attempting to perpetrate global phishing attacks against the UK Foreign & Commonwealth Office and the Organisation for the Prohibition of Chemical Weapons.
THE IMPORTANCE OF STAFF DETECTION
To mitigate the risk of exposure, preventative measures can be adopted to increase cyber security resilience. Of the separate themes to be explored by the NCSAM campaign during each week of October, one is to raise the awareness of online safety in the workplace to prevent a successful phishing attack.
Employees are an organisations’ weakest security link when it comes to cyber attacks. By training employees to be able to recognise and identify the traits of potential phishing attacks, companies can improve their resilience and avoid any potential impact on business continuity. According to the phishing defence solution company Cofense, susceptibility rates are as low as 5% when employees are trained to spot attacks.
HOW NYA CAN HELP
NYA can help clients to improve their resilience to cyber attacks through cyber security training, awareness programmes for employees and the development of a crisis communications strategy. Through simulated incident workshops, we can also test and improve incident management and response plans to ensure compliance with industry best practice.