The Leading News & Information Service For The Facilities, Workplace & Built Environment Community

Security Education Vital Against Cyber Attacks

03 March 2016 | Updated 01 January 1970

IT decision makers in the UK view malware as the main security threat to their organisation but there is growing concern about phishing and ‘spear phishing’ in a report – Data Security and Risk Management Review – sponsored by managed service provider Advanced 365.

The report includes a survey which highlights the top 10 main threats facing organisations. While human actions (malicious or accidental) remain a major vulnerability, malicious software (malware) ranked above them as the number one threat facing organisations. Meanwhile, phishing and spear phishing appear to be the fastest growing risks with 65% of the 300 respondents identifying this as a threat they think is increasing in severity or frequency.
In addition, spamming appeared in fourth place, above denials of service (DDoS) and social engineering, the tactic of manipulating people to give up confidential information, e.g. passwords and bank details. There is also an increasing sophistication in these types of attacks with phishing e-mails which appear to come from a trusted source becoming more difficult to identify.

As a result of these escalating threats, raising awareness and knowledge of security issues among employees is increasingly important. The review considers the so-called ‘security knowledge gap’ between security professionals and other staff and also the information disparity between them and the criminals they are trying to stop. With threats evolving at such a fast pace, there are concerns that many businesses are playing catch-up with hackers.

When asked what the most important tool is for increasing knowledge and awareness of threats, exactly half of respondents suggested awareness-raising programmes. This was followed by formal training (39%), threat intelligence (36%) and industry/peer information (35%) The report states ‘it is clear that IT decision makers recognise the need for greater security training and education’. Respondents also agreed that training should be carried out at regular intervals.
“As threats such as malware and phishing become more targeted and sophisticated, it is reassuring that IT professionals recognise the importance of frequently educating staff and raising awareness of security issues as well as ensuring that their own skills keep up with those of the cyber-criminals,” stated Neil Cross, MD, Advanced 365. “It is equally vital for employees to be aware of what is at stake from a security perspective, both for them and the business, and why continuous awareness training is necessary to minimise potential vulnerabilities.”

Picture: A report from Advanced 365 sees malware as the main security threat but increasing concern about phishing and spear phishing


Article written by Mike Gannon | Published 03 March 2016


Related Articles

The End of Innocence

The attack in the French city of Nice has brought a new dimension to Euro-terrorism. There are three characteristics of this contemptible deed which are worthy of...

 Read Full Article
The Impact of Time - a Back to Basics Approiach

Security is a function of time. It is about detecting, recognising, identifying and causing time delay to an adversary to such an extent that something can be done to...

 Read Full Article
The Magic of Resilience

Since the BREXIT option was selected democratically by a majority of the UK population, the word ‘resilience’ has been used widely and frequently by both...

 Read Full Article
Istanbul Attacks - Another Lesson to be Learned

In light of the dreadful attack on Instanbul's Ataturk airport, SERIFM's Jeff Little says we need to stop with the referendum blues and party squabbling and start...

 Read Full Article
A Lack of Situational Awareness in the Information Age?

We live in the so called information age. Numerous communication means are now open to us. And yet still, when things do go horribly wrong, organisations are utterly...

 Read Full Article
Cyber Security Awareness Training a MUST for All

Each and every security magazine or website I read further lowers my morale with regard to the risks associated with cyber crime. Every single employee or manager who...

 Read Full Article
Demise and Rebirth of Data Dave

Richardson Eyres has launched The Unfortunate Demise and Rebirth of Data Dave which is a short video that follows the lovable and wildly unlucky Data Dave who, despite...

 Read Full Article
On Trend - Can Hackers Turn The Heat Off?

Ken Munro of Pan Test Partners has written a blog - the original of which and more pictures can be accessed if you Click Here  Munro says he has found...

 Read Full Article
Top 10 IT Security Predictions for 2018

As the headline fact, blatantly states, we have the top ten IT security predictions - courtesy of Ian Kilpatrick.   1. Security blossoms in the...

 Read Full Article
Andromeda Strained - International Cyber Op Dismantles Botnet

On November 29, the Federal Bureau of Investigation, in close cooperation with the Luneburg Central Criminal Investigation Inspectorate in Germany, Europol’s...

 Read Full Article