You may not believe this, but employees represent one of the biggest risks to cyber criminals attacking the network…. Ian McAlister, General Manager at CRS Technologies, explains why.

The reality of today’s market is that while factors such as BYOD, mobile devices and portable memory (flash drives etc.) continue to impact on business, the most likely ‘weak link’ in the corporate chain is opening attachments in email.

“One only has to consider the impact of recent global breaches and outbreaks, such as Petya, for example, to know that ransomware is very real and has the potential to wreak havoc internationally. It is currently the biggest danger from a cost point of view,” says Ian.

And, before technology is thrown at the problem and thousands upon thousands poured into solution investment and integration, we have to start with awareness.

There needs to be heightened awareness and awareness training needs to focus on ‘thinking before acting’ as its basic principle.

Moreover, as Ian explains, restricting access to networks and using technology solutions to manage access control does help, but the benefit is limited because it is impossible to restrict all people and also prevent people from actually doing their jobs.

Ian argues that the most effective way to reduce the potential for an internal source to cause or trigger a cyber attack is through continuous awareness communication and robust network security.

The strategy should continue to be leveraging the power of ongoing conversation highlighting risks and dangers.