National Cybersecurity Awareness Month 2019: what employers need to know. If nothing else, these basic cyber risk safeguards should be in place at your organization.
October is National Cybersecurity Awareness Month. According to the Chubb Cyber Claims Index, there has been a 1,215 percent increase in the number of commercial cyber insurance claims over the past decade.
It’s time for the 60 percent of employers who admit they haven’t implemented the most basic cyber safeguards (according to a recent survey by Chubb) to step up and protect their businesses.
What Employers Need to Know for National Cybersecurity Awareness Month 2019
If nothing else, these are the three most basic cybersecurity practices employers should adopt to protect their company from cyber risks:
- Hold annual employee cybersecurity trainings (only 33 percent of employers currently do this)
- Deploy filters for online content (only 40 percent of employers currently do this)
- Leverage social media blocks (only 33 percent of employers currently do this)
While putting these strategies into practice affords some cybersecurity (and some is better than none) it’s important to keep in mind that this is the equivalent of doing the bare minimum. When it comes to minimizing cyber risks and protecting your business, the bare minimum doesn’t cut it.
Defining Major Types of Cyber Risks for National Cybersecurity Awareness Month 2019
When it came to defining cybersecurity terms most Americans were stumped:
- Ransomware – a form of malware that restricts access to files unless a ransom is paid. (only 54 percent of employees knew the definition)
- Credential stuffing – an attack by cybercriminals to programmatically target a single online user using an email address and multiple password attempts. (only 41 percent of employees knew the definition)
- Emotet – a type of malware which is designed to steal financial information and online banking credentials. (only 28 percent of employees knew the definition)
- Ryuk – a new strain of ransomware that infects the victim’s main computer systems and hides itself as a legitimate VPN user. (only 26 percent of employees knew the definition)
If an employee can’t define what cyber threats are, how can they spot the red flags for one on the job? This is where an annual employee training can come in handy. According to the report by Chubb,
“As cybercriminals become increasingly sophisticated in their efforts to breach company systems, a general understanding of these common attacks — and how they are enacted — can be extremely valuable. By requiring employees to undergo annual trainings, much of which can be conducted online and limited to an hour, employees may be able to identify breach warning signs before they become full-blown attacks — allowing companies time to potentially intervene before significant losses occur.”
How Much Does a Data Breach Cost?
According to research by IBM, globally, the average total cost of a data breach is $3.92 million. The U.S. has the most expensive data breaches, averaging $8.19 million. Healthcare is the most expensive industry for data breaches, averaging $6.45 million. The average size of a data breach is 25,575 records.
A data breach is only one kind of cyber attack, and all of them come with high costs to protect, identify, respond and remediate. Make the most of National Cybersecurity Awareness Month 2019 and take steps to further safeguard your business from cyber risks.