Despite growing awareness of cybersecurity risks, the reality is that employees and other internet users do a lot of things that mess with a CISO’s on-the-job sanity.
According to a survey commissioned by Sungard Availability Services, IT professionals see security as a serious threat to the organization, and this is largely due to employee behavior (or misbehavior).
The worst security offense, according to the 276 IT professionals who responded to the survey, is carelessness surrounding mobile devices, followed closely by poor password management. Both issues can easily lead to the type of data breach that could cost a CISO his or her job.
So, here are some of the most common mistakes that internet users and employees make, and that create cybersecurity risks:
Leave your laptop or cell phone unattended: Or forget your smartphone at the airport security line. Or run for a refill of coffee while your table sits unattended. Any time you put your device in a situation where it can be easily stolen, you are putting the corporate network and data at risk. Unfortunately, too many users don’t deploy the privacy settings on their devices, so when a device is lost or stolen, everything on it is readily available to the new “owner.”
Share passwords: More than fifty percent of the IT professionals surveyed for the Sungard Availability Services study said password sharing was one of their top security concerns. There are two different, but very important, password sharing concerns. First is sharing a single password among multiple sites or access points. If someone guesses that password, he will gain access to a lot of bonus material because of employee laziness. Second is sharing a password with your co-workers. Edward Snowden was able to gain access to many unauthorized sites because fellow employees shared their passwords with him.
Ignore company security programs: This falls on the shoulders of IT staff and CISOs themselves: when strong security programs are not enforced, employees aren’t going to take the steps necessary toward better security behaviors. So be sure to make it easy on employees: share quick links to security policies, send lots of reminders and “how to’s,” and make sure people understand the information you provide.
Engage in anti-social media: Who doesn’t love to spend some time during the day checking Facebook and Twitter and Pinterest? CISOs don’t love when employees do it because social media is a hot spot for embedded malware and click bait links that direct users to dangerous sites. Also, social media users have been known to put sensitive corporate information on their walls, creating a security problem.
Expose sensitive data: How many of the most recent high-profile breaches involved the compromise of unencrypted data? The answer: too many. When employees aren’t utilizing encryption processes, it puts sensitive data at risk if the network is hacked. In turn, it causes panic among millions of consumers who find out that their Social Security numbers and birth dates are suddenly available for sale on black markets.