Cybersecurity & PR: How The Human Element Can Cause Breaches

Human error is the source of most cyber breaches.

Human error is the source of most cyber breaches. According to a recent survey by Deloitte, human error was responsible for an average of one-third (33 percent) of all security incidents in organizations worldwide in 2018, marking a slight increase from 31 percent in 2017.

The following are just some examples of how employees can cause breaches:

• Unpatched software or hardware that has not been updated with current patches and updates to fix potential vulnerabilities. This includes old versions of operating systems (Windows XP), browsers (Internet Explorer 6), applications and mobile devices such as smartphones/tablets running outdated operating systems or apps that have known vulnerabilities such as Java 7 which has now been superseded by Java 9+.
• Weak passwords such as “12345” or “password”; reusing the same password on multiple accounts; using easy-to-guess passwords like birthdays or pet names; using passwords containing personal information such as names, addresses etc.; using easy-to-decode passwords like “123456” instead of something harder to guess like “p1@rty$.!&#”
• Poorly configured hardware such as routers not being set up correctly so they can be remotely accessed via open ports – this means hackers could access your computer through the router which is connected directly into your network via Wifi connection

It’s not just small businesses that suffer from cybersecurity risks.

Although it’s obvious that small businesses are more vulnerable to cyberattacks, the fact is no company is safe from them. An analysis by the Ponemon Institute found that while companies have been increasing their spending on IT security over time, breaches are still happening at a rate of about one every two minutes.

The key to preventing these attacks is focusing on prevention as well as protection: You can’t stop something if you don’t know it’s coming. The good news is that there are several steps you can take to protect yourself and your business against common human-error cybersecurity breaches — even if they’re not a big corporation with lots of resources at hand

Hackers are getting increasingly clever.

Hackers are always adapting. They’re getting increasingly clever, but most of their attacks against companies rely on the same old techniques that have been around for a long time.

From phishing attacks to social engineering, hackers’ best tools are still the ones that rely on you and your employees making mistakes.

Phishing is an example of a spoofed email that looks like it came from someone in your company or another trusted source, when in fact it was sent by someone trying to steal information from your employee’s computer.

The costs of being hacked are getting more expensive.

The costs of being hacked are getting more expensive. While the average cost of a data breach in the U.S. was $3.62 million in 2017, it’s likely to increase in 2019 and beyond due to the GDPR and California’s Consumer Protection Act (CCPA). These laws put pressure on businesses to keep our data safe, which means companies need to invest more money into cybersecurity technologies and services than ever before—especially if they want to avoid being sued or fined by government regulators like the FTC or CFPB.

To understand why this problem is so important, we have to take a look at how much each type of cyber attack costs your business:

Protecting your data requires a team effort.

A data breach can happen to anyone, but the responsibility for preventing it falls to you. As a PR professional, you need to take the time and effort to develop a comprehensive cybersecurity plan. This means training your team on best practices and insisting they follow them, creating a formal data protection policy, implementing strong passwords and using password managers, keeping software up-to-date, having a solid response plan in case of an incident (and practicing it), ensuring backups are secure.

Even if you’ve done all that—and even if everyone else on your team follows suite—it’s important not to get too complacent when working with sensitive information online: there’s no such thing as 100% security online. Make sure that any company devices used by PR pros are password protected; use public Wi-Fi judiciously (where possible); keep tabs on who has access to what when outside of work hours; back up everything regularly so that if something does go wrong at some point down the line you won’t lose everything at once; avoid sharing data with apps or services whose security practices aren’t clear (or simply trustable).

Hackers get smarter, so you should too.

Cybersecurity breaches can be hard to avoid. But there are measures you can take to prevent them. Hackers and their malicious software have been getting smarter over time, and cybersecurity professionals must adapt accordingly in order for their organizations to remain secure.

If you want to stay on top of the latest trends in cybersecurity, here are five things you should know:

• Be aware of common scams like phishing emails and spearphishing attacks that try to get people to share sensitive information with attackers (like passwords).
• Understand how ransomware works—and how businesses can protect themselves from it or recover from an attack if they’ve already been hit by it.
• Know what social engineering is and how it works so that when someone tries this tactic on you, your employees will be able to recognize it as a scam right away and not fall victim themselves!

Don’t rely on technology alone for data protection; employee training and clear policies about device use are crucial.

We need to stop relying on technology alone for data protection. I’ve seen too many companies and organizations that have fallen victim to human error cybersecurity breaches, because they’ve put all of their eggs in a single basket.

I recommend that PR pros take the following steps:

• Be proactive about security. Have a cyber security policy in place and make sure all employees are aware of it. Obtain specific training for each new employee, so they know what’s expected of them when it comes to cybersecurity measures like password creation, device use rules (no personal devices at work), etc., as well as how to behave when working with clients who may be compromised by malware or phishing attempts.
• Use cloud-based backups or other forms of redundancy when storing valuable data on your computer or laptops/tablets so there are multiple copies stored in different places outside of your office space—and always follow best practices when it comes time to dispose of old hardware devices (eBay is one option).
• Clearly define who within your organization is responsible for various aspects of cyber security policy enforcement and maintenance (this is where careful planning comes into play). You should also consider creating an easily accessible list of things customers should do after being hacked—including changing passwords immediately; contacting law enforcement; installing antivirus software; updating account permissions; checking credit reports from all three bureaus (Equifax, TransUnion and Experian); contacting call centers associated with financial institutions whose accounts were compromised by hackers; updating passwords at other sites where same passwords were used—so users don’t have trouble logging into these accounts later on down the road.