Download our free data protection guide: discover the unauthorized places your data goes via email


How to Protect Your Data from the Weakest Links in Your Organization: Human Beings

September 8, 2022

Did you know that the vast majority of cyberattacks can be traced back to human error? The modern business prioritizes productivity and continuity over data security, meaning that when security impacts an employee’s ability to do their job, they will always find a workaround. Not to mention, humans have a natural tendency to implicitly trust, which can lead to unintentional negligence. This can reap some hefty consequences for today’s businesses, specifically for SMBs that may lack the tools and resources to help protect from human error incidents. What’s even scarier is that 61% of small to medium-sized businesses reported at least one cyber-attack last year, and 43% of all data breaches now involve SMBs.

For business leaders of any size company, cybersecurity has become as much a people problem as a technology problem.

Human error isn’t cheap – it could cost you a lot more than money

According to the FBI’s 2021 Internet Crime Report, more than $6.9 billion was lost to cybercrime in 2021, surpassing losses reported in 2020 by about $2 billion! Many of these losses are a result of social engineering techniques that lure employees into divulging their credentials or making unauthorized transfers of funds.

While a security breach has financial consequences, a breach costs businesses more than just money. Aside from the direct financial losses, security-based offenses can also disrupt a company’s productivity and public reputation. In 2020, a 17-year-old’s low-tech attack hacked the Twitter accounts of over 130 high-profile users, including Barack Obama, Kim Kardashian and Elon Musk. And as if the embarrassment wasn’t enough, the vulnerability caused Twitter’s market value to plunge by $1.3 billion. As demonstrated here, one basic hack against one employee can have a massive ripple effect across an organization and its customers.

Regardless of your organization’s size, you need to know how to best equip your people to protect your data and company from cyber-attacks.

How can you best equip your employees against cyber-attacks?

It’s important to educate your employees on the ways cyber criminals can target your systems and the best practices to combat them. There are several social engineering techniques hackers can use to seize your business’s data, but phishing is by far the most common. Hackers may use deceptive emails, websites, and text messages to trick your employees into handing over company information or downloading malicious codes.

The challenge is that cyber-attacks continue to become more sophisticated. Chris Jenkins, Chief Digital Officer of the FBI, emphasized that while “the core cybercrime method, which is phishing, hasn’t changed, the sophistication of them has. The ability of cybercriminals to create more real-looking, more compelling fake sites for people to log into has gone up significantly.”

Never lose sight of the fact that hackers are crafty. They study their targets and identify weak links. They establish communication with targets and learn the language and jargon needed to easily fool the victim.

These four best practices to offset human error are easy to implement.  

  1. Use long passwords that combine letters, numbers, and symbols. Make sure passwords are routinely updated.  Use multifactor authentication whenever it is available!
  2. Educate employees about malware and social engineering, trusted and untrusted links and files
  3. Establish and enforce health checks for business-critical apps; Don’t wait to patch applications with critical vulnerabilities
  4. Implement least privileges access—only give employees what they need to perform their tasks

How can you make sure all data shared by email is secure, and the data remains in your control?

Additionally, provide your employees with an easy way to keep data secure. This is easy and affordable with applications, such as EB Control. With EB Control, your company has military-grade encryption without employees needing to know how to code or use keys.  There’s no technology infrastructure to buy or implement.  

EB Control, you can forget about human tendencies and failure— financial losses and reputation concerns will become a thing of the past. Click here to learn how to get a free trial of EB Control.