An important component of such new processes should be the education of staff , she believes , and “ employees should be sensitised to the world of threats on their digital doorstep ”.
A lack of cybersecurity knowledge makes remote workers especially susceptible to phishing attacks . Exploiting human weakness is often simpler and more successful than hacking complex computer systems , thus attackers utilise psychology to persuade workers to " open the door " for them , according to Nimmo .
“ The core of a security programme should be educating your personnel about ‘ social engineering ’ and how to avoid it . People are given the ability to serve as the first line of defence in case of security breaches by having a ‘ human firewall ’. As a result , Security Awareness training should be a requirement for all employees , both during onboarding and annually ,” she adds .
“Operating across this variety of uncontrolled networks increases the attack surface and leaves businesses more vulnerable to cyber threats ”
RAJESH GANESAN PRESIDENT OF MANAGEENGINE
cybermagazine . com 71