Cyber Security is and has remained a hot topic for several years now. In Singapore alone, we have seen many cyberattacks from the leaking of government employees’ personal data in 2013, to the WannaCry Ransomware and MINDEF hack in 2017, to Singapore’s worse cyberattack till date, the SingHealth hack in 2018 and when MOH, MOE accounts were being sold on the dark web in 2019, and these are just high-profile cases that made it to the news. There are also many organizations that for the fear of damaging their reputation, did not report falling to victims of cybercrimes.
In 2020, the frequency and sophistication of cyberattacks started to increase at alarming rates, trigger by the pandemic forcing businesses to adapt their working situations and the increase in the number of remote staff, which resulted in new ways for cybercriminals to exploit organizations.
Now, we can continue to add layers upon layers of security to protect our digital assets and information, but to what end? Cybercriminals and Cyber Security vendors are constantly in a game of cat and mouse, and you may truly have enough security layers only when you run out of money to spend. Of course, we are not asking you to not spend any money on cybersecurity tools and services, that would be the equivalent of not have doors or locks installed in your office or home. That’s just a burglary waiting to happen, but at the same time, we don’t all need vaults and five security guards either, unless you are running a bank.
Just as the physical security of your office, where the last person to leave has to ensure that the office is locked, and during business hours when it is not locked, the people in the office are the ones to ensure that strangers do not just walk in and start taking your valuables away. Humans are also our last line of defence in preventing cyberattacks.
According to research from security software firm Trend Micro, 91% of cyberattacks begin with a spear-phishing email that targets and tricks your users into opening malicious links or files which grants them information or access to your digital assets and information. So, educating and training your users about security awareness is crucial even for small businesses.
Now, you may already have conducted internal security awareness training, engaged an external consultant for a one-day training seminar, or have your users watch some videos on security awareness, but do you know how effective these training were? Most training is typically generic Death-by-PowerPoint sessions where users sit in for the session and may leave the session with no tangible results. What we need is to assess your organization needs, create an on-going training plan for your users and regularly test them to track their true progression.
To provide the best training possible, AsiaCloud has partnered with KnowBe4, the world’s leading provider for Security Awareness and Training Solutions, to help you improve your last line of defence and offer you a free phishing security test to see where your users stand.