“Cybersecurity awareness and training is everyone’s business”
Posted on 10.04.17
Chris Moschella, Risk Advisory Services Senior Manager, shared his insights on cybersecurity awareness and training in an article for Inside Business, The Hampton Roads Business Journal.
"W-2 fraud, spear phishing and executive impersonation wire-fraud scams are just a few of the attacks that target people rather than systems.
Although the “technical hack” still occurs (Equifax) security researchers agree most attacks start with individuals being targeted in their email. Many of these attacks cannot be caught by even the most advanced email filters.
So, we’re left in the unfortunate situation where, for certain types of cyberattacks, the end user is the only layer of defense. In many organizations, however, the prevailing view among leaders and employees is that IT security is the sole domain of the technology staff.
This creates a major gap between the reality of the threats and the defenses in place, which sadly leads to successful attacks against organizations every day. The reality truly is that cybersecurity is everyone’s business.
Sometimes referred to as the human firewall, a motivated and cyber-aware workforce is as important as any technological defense to the organization. The good news is, relative to other cybersecurity expenditures, a robust security awareness training program is fairly inexpensive, especially when considering the amount of risk it mitigates. The bad news is it takes executive buy-in and organization-wide cooperation."
Interested in learning how to protect your business from cybersecurity threats? Contact us. Our Cybersecurity team can help. Our team is focused solely on evaluating business processes, information technology controls, and security. As such, we possess a unique combination of business and IT expertise and communicate effectively with business and IT professionals alike.