Beware the unintentional cybersecurity threat

An article in Computer World this week highlights insider threats and cybersecurity. In this case, an employee of Bank of America is pleading guilty to hacking the Bank’s ATM’s using malicious code he wrote so he could get cash out without leaving a record. This case was clearly a highly motivated individual engaged in an intentional malicious act.

Unintentional cybersecurity lapses can lead to significant losses as well. Employees don’t have to be planning to rip off your company or customers to end up doing damage. By connecting  to unsafe websites that install key stroke loggers or other malicious software, connecting USB memory or other devices that are infected, or not keeping security and other software up-to-date employees can unintentionally put your business at risk.

Clearly if someone inside the organization has the access, the desire, and capability it might be hard to stop them. But in the unintentional cases you can be proactive. It starts with a focus on security. According to NCSA’s research only 28 percent of U.S. small businesses have formal Internet security policies and just 35 percent provide ANY training to employees about Internet safety and security. 
That leaves many businesses unnecessarily at risk.

SSO (stay safe online),
Michael