BlackCSI Blog

BlackCSI has been serving the Pennsylvania area since 2002, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Your Employees are Your Biggest Cybersecurity Threat

Your Employees are Your Biggest Cybersecurity Threat

When it comes to cybersecurity, businesses have a lot to worry about, with the costs associated with protecting a network (or responding to failed attempts to protect your network) dominating these costs. While it is incredibly important to protect your business in any way possible, it is often not enough, and even the most careful companies fall victim to attacks.

According to the Federal Bureau of Investigation, cyberattacks increased about 400 percent between 2019 and 2020, hence the extreme focus on cybersecurity in recent years. Businesses in particular are at great risk, especially when factoring in how some employees have a blatant disregard for cybersecurity.

You can have the most secure systems in the world and they would still be vulnerable due to one or two employees handling network security in an improper way. This can be quite the frustration for IT staff. Here are some of the ways an employee might fail to keep their credentials secure and what you can do about it.

Employees as Attack Vectors

With the large shift to remote work over the past several years, the ways that many employees are going about their day has changed considerably, and so too has the way a business’ network is distributed. Unfortunately, those who don’t do everything they can to protect their organization’s network are often seen as ignorant or as a saboteur, even though the largest contributing factor to these issues with network security is, more or less, stress—something which is incredibly challenging to quantify, measure, and eliminate.

According to the Harvard Business Review, stress plays a significant role in how protected an organization remains against cyber attacks. The study found that two-of-three workers failed to stick to organizational cybersecurity policies at least once over the course of every 10 workdays. It was also found that employees simply ignore cybersecurity policies around five percent of the time. While it might seem inconsequential, consider the far-reaching impacts of major data breaches, and all of a sudden it is a very big deal.

We know what you’re thinking; why would an employee follow procedure most of the time, but not all of the time? The study found the following were direct indicators for why:

  • “To better accomplish tasks for my job.”
  • “To get something I needed.”
  • “To help others get their work done.”

Around 85 percent of respondents claimed one of the above as the reason for their non-compliance, willingly putting their organizations on the line just for the sake of getting something done. Most people within a business are not hired for their cybersecurity know-how; they are hired for very specific job duties and responsibilities, and they might see that cybersecurity gets in the way of that purpose every so often. Only three percent of all these cases are true defiance or sabotage, so it’s hard to blame employees for simply wanting to do their jobs well.

Redefining the Importance of Cybersecurity

Most employees are going to prioritize productivity over security procedures, but they just can’t win when they could potentially be labeled as ignorant or negligent for deliberately trying to maintain productivity rather than prioritize security. The unfortunate truth is that most training platforms and policies do not take into account these gray areas, which is why it’s so important for employees to be involved in the development of cybersecurity policies. By taking employee feedback into account, you can ensure security while also guaranteeing that your team has access to what they need to be productive and successful in the workplace. Managers also must work to ensure that the members of their team know about cybersecurity expectations so they can work toward meeting them.

If your business would like some assistance with developing or implementing productivity-friendly security solutions, reach out to us at (717) 620-3042.

Automation Most Small Businesses Can Use
Let’s Take a Look Behind the Curtain of a Remote B...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, November 21, 2024

Captcha Image

Latest News & Events

Leading MTSP Encourages Companies to Maximize Profits with Updated Tax Code Benefits HARRISBURG, PA – October 29, 2024 - BlackCSI, a leading managed technology services provider (MTSP), is encouraging business owners to take advantage of th...

Latest Blog

Successful businesses need to change to keep up with what customers want, new trends, and how the world is changing. This means they have to know their business well and be open to trying new things. Let’s look at six important areas where ...

Contact Us

Learn more about what BlackCSI
can do for your business.

(717) 620-3042

BlackCSI
124A West Harrisburg Street
Dillsburg, Pennsylvania 17019