And that’s exactly why we’re so vulnerable to cyberattacks, says Jake Moore, an ESET cybersecurity specialist and a white hat hacker with 14 years of experience in digital forensics and cybercrime investigations. He never lacks motivation to scrutinize and test how small businesses perceive and handle cybersecurity. In most cases, the answer is: rather poorly.
In most smaller companies, it’s the IT manager who is responsible for keeping company smartphones secured. While some security risks can be mitigated by endpoint protection, informing your employees about proper smartphone cyber hygiene is equally important.
Building a cyber-aware culture should be a part of a long-term IT security strategy – in any company. In reality, however, companies often do not go beyond some form of basic cybersecurity training for employees. Of course, it's not possible to build such a culture in a day. But where should you start?
Cybersecurity education could be compared to taking an exam. You learn something to prepare for the test, but if you don't use that knowledge again for a long time, you forget it. This is often the case with cybersecurity training for employees, which takes place once or twice a year. Education should be an ongoing process for best results.
You have probably heard about social engineering – psychologically manipulating people into involuntarily revealing sensitive information. Let's take a look at impersonation, another non-technical attack technique used by cybercriminals to pretend to be trustworthy people while trying to manipulate others (e.g., to order and approve fraudulent transactions). How do you recognize when you are contacted by a cybercriminal instead of your colleague?
Cloud storage is quickly and easily accessible from almost any digital device with an internet connection. It's no wonder that this solution has become so popular among many companies. However, it can also pose a risk to your cybersecurity. Let's take a look at how to protect cloud storage on one of the most popular cloud storage providers – Google Drive.
Humans are emotional beings, and social engineering is a very effective way to take advantage of that. What’s more, social engineering attacks such as phishing or spreading malicious links don’t usually require highly specific technical skills on the side of the attacker. Forcing thousands of users to give up sensitive information or perform harmful actions has so far proven to be rather easy! Don’t be fooled – even when your business is small, you might still become a target.
Blackmail is a common practice among cybercriminals. Although most of the threats are usually fake, many employees lack enough knowledge and are easily taken in. Therefore, it’s crucial to constantly raise awareness and talk about online scams – including sextortion.
Keep your journey safe with more data security related content.
By subscribing, you agree to receive marketing communications from ESET. ESET respects your privacy. View our privacy policy here.