Let’s consider the playing field: On one side, we have a group of criminals who spend day and night trying to find extremely clever ways to trick you into clicking in their email. On the other side is your employee, who was up late last night working, got a bad night sleep, and is quickly going through emails at 8:01AM before today’s stressful meeting. Who has the edge? The answer to this question comes down to how prepared your employee is in identifying and responding to the nefarious email. If your organization relies on the fact that malicious emails are not clever enough, you’ve just been lucky. It’s true – the majority of malicious emails we see are pretty bad and often not very clever. We think we’ve outsmarted criminals. Our experience is similar to us playing baseball against a bunch of elementary children. But what happens when we go up to bat and pro baseball pitcher walks on the mound? Each cyber criminal and criminal enterprise is going to have a unique level of experience and expertise and it’s only a matter of time before we cross paths with a professional. Because of the prevalence of email security tools, it’s also becoming more likely that only the extremely clever email will make its way into your inbox – just when we thought we were safe.
A distinctly sobering statistic was published a couple of years ago by the National Cybersecurity Alliance – 25% of small businesses who suffered a data breach ended up filing for bankruptcy and 10% of them never reopened. These numbers are not small. Larger organization typically have better security tools but are still significantly impacted. Do you want to head a department in a large organization and be responsible for someone on your team that causes a breach to the entire organization? How are you going to respond during the manager’s meeting? Who is responsible for making sure everyone on your team is prepared to identify these clever emails? If you’re reading this, its probably you!
The good news is that is not too difficult, invasive, or expensive to keep your team prepared. Give your staff Cybersecurity Awareness Training regularly so that bad nights sleep won’t give the cybercriminal the edge.
Scott Morabito is a technologist and founder of TechTonic. He was trained as a computer scientist and resides in Concord MA