Imagine this: the biggest cyber threat to your trucking company may be due to “careless” actions by your own employees; an action that allows a “phishing” attack to be successful or that inadvertently opens a hole in a motor carrier’s electronic networks.
But don’t feel too bad; this isn’t just a trucking-only problem.
Far from it, actually.
Indeed, in a new report issued by Kaspersky Lab called Business Perception of IT Security: In the Face of an Inevitable Compromise, cyber attacks are not only becoming “common” across the North American and global business community, but “improper” employee IT “behaviors” are often critical to helping such attacks succeed.
Kaspersky found that in just the last 12 months on a global scale, 43% of businesses experienced data loss as a result of a breach. When taking a closer look at businesses in North America, the firm’s survey data reveals that these organizations are significantly less protected against attacks compared to businesses worldwide.
For enterprises, nearly half (44%) in North America suffered four or more data breaches in the past 12 months alone, which is double the amount that businesses worldwide suffered (20%).
And here’s the rub: Businesses in North America claim that two of the top causes of the most serious data breach they’ve experienced were careless/uninformed employee actions (59%) and phishing/social engineering (56%) which of course relies on someone inside the company’s “walls” to “activate” by clicking on a viral link of some kind.
“The survey results indicate the need for a different view on the growing complexity of cyber threats,” noted Veniamin Levtsov, Kaspersky’s vice president of enterprise business, in the report.
“The key point here is that threats are not necessarily getting more sophisticated,” he stressed. “It’s the growing attack surface that requires more diverse set of protection methods. This makes matters even more complicated for IT security departments. The most important finding is the companies’ points of vulnerability: threats like employee carelessness and data exposure due to inappropriate device sharing.”
Levtsov pointed out that Kaspersky’s survey proves that cyber criminals are successfully hacking their way into corporations through what he termed “uninformed” employees.
“Business leaders need to ensure that employees are educated on company policies and procedures for navigating security threats while at work,” Levtsov emphasized. “Such challenges cannot be addressed by a technology or algorithm; instead they require better employee awareness and regular training. That addresses a company’s general resistance towards current and potential threats.”
Kaspersky’s report also dug up some other interesting points related to cyber security:
- Six out of ten typical “vulnerable areas” within a business are directly related to a fear of data loss.
- However, the real surprise is that the most frequent “point of vulnerability” is inappropriate usage or sharing data via mobile devices, with 54% of businesses globally and 52% in North America saying they face challenges understanding how to address this threat globally.
- Although 32% of businesses in North America confirm a significant increase in the number of smartphones, this is also the number one IT security challenge that businesses don’t feel their organization is protected against.
- More than half (52%) of businesses in North America admit to being least protected against mobile security threats, such as inappropriate usage or sharing data via mobile devices.
- In North America, nearly half (44%) of businesses reported that the main reason they want to invest in more IT security is due to business expansion.
“As organizations continue to grow and cyber threats continue to evolve every day, intelligent protection strategies and educational programs will be critical to protecting businesses from future cyber attacks,” noted Levtsov.