Educate a Workforce Against Cyber Attacks

by | July 21, 2015

"Social engineering" overtures are designed to induce employees to act impulsively, thereby executing the installation of malicious software, commonly known as malware.

I read Lou Shipley's July 17 op-ed "How Small Businesses Can Fend Off Hackers" and was surprised to find that the piece was silent on the most effective way the small-business community may mitigate the risk of a cyber attack—workforce education.

I've remediated several cyber attacks within organizations of all sizes and have found a common signature in the vast majority: The initial network intrusion was caused by an unsuspecting employee being tricked into executing a link, playing a video or opening an attachment within email messages. These social-engineering overtures are designed to induce employees to act impulsively, thereby executing the installation of malicious software, commonly known as malware. Once this happens, the party begins for the hackers.

All businesses who seek to guard against an attack must provide their employees with formal guidance on the potential danger associated with inbound email and provide examples of common social-engineering techniques. Without an informed employee, no degree of technology will prevent a breach.