The June 9th Telarus Tuesday call welcomed VP of Channel Sales, Larry Snodgrass, to discuss how educating employees/customers about cybercriminal tactics and how to avoid them are a critical component in your security plans. The entire recording is available here.
How Data Breaches Happen
Company data breaches have been rising every year, from 2012-2019, over 6.5 billion records have been compromised. The number one cause of company data breaches is employee negligence. With Covid-19 and quarantines, cyber criminal activities have gone into overdrive. At home, remote employees are the link to the corporate network. Making sure they are trained and aware of security risks is more important than ever.
Below you can find a couple of famous pictures of the Chinese/North Korean hacking operation. A lot of these organizations have call centers, with entire buildings packed with hackers. Some of these organizations are going after government and utility infrastructure while others are going after money.
Key findings in the MIMECAST 2019 State of Email Security Report show the shocking stat that ninety-four percent of the surveyed organizations experienced a phishing attack. Even though the number of ransom attacks was down, the effectiveness is up. Why? The resurgence of impersonation attacks. This includes emails impersonating your executives and vendors.
So, how do attackers gain access?
- Phishing via Email or Social Media
- Drive-by Download
- Clicking on Compromised Website
- Infection from computer part of Botnet
Prevention Action Plans include layered security:
- Infrastructure (firewall, email filter, antivirus, etc.)
- Outside Email Warning Messages
- Domain Security (lockdown look-alike and typosquatting domains)
- Employee Education that keeps pace with the evolving threat landscape
- Phishing Simulation
Stickley on Security provides you with the following:
- Domain Assure provides you immediate domain security locking down look-alike domain.
- Researching and providing employees/customers with cybersecurity training and phishing simulations can be time-consuming and costly. Stickley on Security provides fully automated services and makes it easy for everyone.
To learn more about Stickley on Security visit, www.stickleyonsecurity.com.