As the threat of cybercrime continues to loom, it’s imperative that businesses are dedicating enough of their resources towards their cybersecurity efforts. Since COVID-19’s emergence, cybercrime consisting of phishing, ransomware, identity theft and fraud has been up nearly 600%. Is your organization prepared to defend against these types of attacks?
Web-based attacks coupled with forms of dangerous malware such as ransomware are often hard to protect against. Most organizations will have to be willing to invest in the necessary protections to avoid being compromised by these attacks. It’s been reported that some organizations have spent upwards of $2.5 million dollars to remain safe from these attacks. Unfortunately, despite these investments, some organizations are still at risk of a targeted attack. One in three of the businesses that are attacked report their data being inaccessible for at least a week.
So what’s causing this vulnerability? Nearly half of all information technology professionals that organizations have on staff have gone on to report that their companies remain vulnerable to ransomware and other targeted attacks despite their security investments. In fact, nearly 75% of all organizations that are victims of these attacks have invested in some form of cybersecurity. Rather than questioning vulnerability, what else can these organizations do to defend against these attacks?
The first thing organizations can do is prioritize defending high-level executives from these attacks. In most cases, executives are the true targets of these attacks as they’ll have the most clearance and access to an organization’s most sensitive data. One attack could lead to an entire company falling in jeopardy. Which is why it’s imperative that executives are the most protected when it comes to any organizations’ cybersecurity efforts.
The first step in reevaluating how to protect an organizations’ executives is a tireless scan the executive’s online presence. Different social media profiles, professional networking accounts and even old blog pages or blog posts could contain valuable information that can give attackers a leg up. Wiping this information from the web is imperative when trying to keep executives safe. While proactive steps such as these are beneficial, organizations should also prioritize educating executives regarding the attacks. Understanding how these attacks might be posed gives them an opportunity to remain less vulnerable.
Building off the education of executives, they should be able to identify what a phishing message might look like. Sure, even some of the most technology-oriented individuals may not be able to notice a phishing e-mail or scam at first glance but being able to read between the lines is a skill that goes a long way. There are some very obvious tells and signs that will identify these attempts very quickly. Executives should be encouraged to meticulously scan their mailboxes and avoid opening any e-mails containing links from senders not in their contact list. When feeling weary regarding any e-mail, executives should also remember to refuse to share any personal information.