Ransomware has had its ten minutes of fame. For a while there, it seemed like every technology article was about how ransomware was hitting another major company. Pretty soon, the media got bored and moved on to something else. Executives handed the responsibility of managing ransomware threats over to the IT department, and everyone moved along.
Well, almost everyone moved along – the ransomware creators are still at it. And according to a recent study, they’re having plenty of success, in part thanks to CEOs. It isn’t just that CEOs are prone to click on ransomware emails (although executives at one-third of companies say that’s the case). It’s that many CEOs hand the responsibility for network security to the information technology team, and the team relies on technology to solve the problem. Unfortunately, while technology is a part of many great security solutions, it’s a terrible solution when used alone.
Technology does exactly what it’s programmed to do, but no more. Firewalls can be very effective at stopping mass emails, but they handle targeted attacks poorly. In some types of attacks, firewalls are completely useless – for instance, it can’t prevent employees from giving confidential information out to an imposter over the phone.
Unlike technology, people can adapt to new situations. That’s why the best solutions pair technology and training. Technology blocks the day-to-day threats, and employees are trained on what red flags indicate a potential security risk and how to handle them. The best training regimens always keep the issue top-of-mind, relying on message frequency rather than lengthy time commitments to boost employee awareness.
Unfortunately, this type of training is still uncommon. Only 11% of companies have continuous training in place for cybersecurity, and only a quarter of companies have monthly training. If your company is sending out reminders to be vigilant against security threats quarterly or yearly, that leaves plenty of time for all of your employees – including the C-Suite – to let the topic slip their mind.
To learn what great data security looks like, call us at 919-779-0954 or email us at Team_WingSwept@WingSwept.com and ask about our Managed Services offering.