The best defense is a good offense. So the more that businesses invest in security technology, the safer they should be from hackers, right? Take a look at the impact information security breaches had for these people.
“My company incurred a hefty fine after a major data breach led to civil and criminal investigations.” Data breaches can often lead to expensive legal proceedings.
“A cyber-attack on my online business caused massive reputational damage when the credit card details of my customers were leaked.” Consumers are quick to lose faith in a company with poor online security.
“I was forced into spending several millions on shielding my company’s systems after hackers installed malware.” The cost of fighting hackers deprives the US economy of over $100 billion a year. Last year 75% of all attacks were financially motivated
“I accidentally installed rogue software on my computer, severely damaging my business.” Almost 19% of security breaches occur through internal accidents such as these, while only 10% of breaches are internal malicious ones. 71% of breaches are external.
“After being implicated in an internal data breach, I was fired from my job and narrowly avoided a lengthy prison sentence.”
Ella has received an ‘urgent’ email from her bank. When she clicks a link in the email, it merely opens to her bank’s homepage. The urgency of the email now appears suspicious. She asks you what is the first thing she should do to avoid a possible security breach.
- Contact the internal IT helpline to discuss the email.
- Search the web to check if the email is a known scam.
- Contact her bank to verify the email’s origin.
- Forward the email to her local IT person.
Phishing attacks attempt to gain sensitive information by pretending to be from a friendly source. Be aware that official sources will never email or text you looking for login or account details. If you receive something suspicious, report it – even if it appears to be from our CEO! Don’t delay in reporting technical issues. Interacting with a suspicious webpage could likely result in identity theft – and potentially more damage. If you are unsure who to report technical issues to, you can find out here. In addition, never forward personal emails to your work email, or to any third party. They could contain malware. Suspicious emails should only ever be forwarded to IT if specifically requested.
The link Ella clicked installed malware on her device, designed to steal data and post it on public websites. Amongst other data stolen from her machine was confidential client data.
- There is nothing important on her computer so there is no loss.
- Fines could be imposed on us by the regulator.
- Legal action could be taken against our company by affected parties.
- Compromised systems may have to be taken offline to halt data theft.
- We could be prevented from operating our business.
- We could incur damage to our reputation.
Ella now understands that introducing malware to our network would have huge repercussions. Because malware may steal workplace login details, such breaches place our company and our clients’ data at risk. Legal, financial, and reputational implications would result from an investigation and the subsequent publicity. Our information security systems would need immediate analysis and maintenance. This small breach could shut the company down!
- Recognize the hidden threats that might breach our company’s IT security or compromise the security of your personal information.
- Protect your work email account by limiting correspondence to professional communications.
- React promptly and responsibly to any suspicious email correspondences you may receive by escalating incidents through the correct channels immediately
This content is an extract from the data privacy training course.