Cybercriminals are growing increasingly sophisticated in their advances to infiltrate your network’s security defences and gain access to critical business data.
Whilst most businesses understand the basics of cyber security - surfing known websites, creating unique passwords and using a desktop antivirus – we are all targets of this advanced attack. Phishing, ransomware and zero-day exploits make businesses vulnerable across a range of devices - what’s worse is the lack of understanding general users have of vital security measures experts employ to maximise network security.
In a security research paper recently published by Google, entitled “...no one can hack my mind”, 231 security experts reported on the security best practices they use to protect themselves against cyber criminals. These results were compared to a group of 294 non-experts, to better understand the thought process of non-experts and the actions they take to stay safe online.
The study highlights the overwhelming number of non-experts that misunderstand or are wary of the security measures that experts identified as imperative to the safety of their network.
"Automatic software updates can be abused to update malicious content"
Just 2% of non-experts identified installing software updates as one of the most important security measures. They expressed their misunderstanding as to why security updates are necessary, and highlighted their concern for potential risks in performing these updates. One non-expert stated, “I don’t know if updating software is always safe. What if you download malicious software?” These updates contain vital patches which address operating bugs and security exploits, which can leave naive users susceptible to online threats.
"I try to remember my passwords because no one can hack my mind"
Interestingly, secure password management was high on the list for both groups. However, 76% of non-experts avoided using a password manager based on the potential security risks. One non-expert stated, “no one can hack my mind”, justifying their reason for memorising their password as opposed to using a standalone password manager. Experts, however, explain using this solution “[makes] it possible to have both strong and unique passwords”, only requiring the need to remember a master password that unlocks access to those stored securely inside.
Businesses need to be constantly vigilant, aware of threats and become better informed as to how they can protect themselves. Experts agree relying solely on an on premise antivirus “is not a bulletproof security solution” to protect your network against infection, especially against “slightly sophisticated”, uncommon malware. Not only does it provide false security, but antivirus is also an ineffective measure against advanced threats, phishing and zero day spam attacks from intelligent cyber criminals.
A trend amongst the above findings is the thought process of non-experts in overlooking the security measures experts recommend as best practice. They worry that these tactics which are clearly more effective and simplify their lives are a further security risk.
The reality is, this pre-disposition of questioning the security of solutions designed to protect your network results in more susceptible users and business networks.
Businesses are susceptible to debilitating attacks at any time of the day. Security solutions offer the advantage of a readily available team of vigilant experts at a dramatic discount when compared to employing the same level of expertise internally.
The inherent nature of leaders is to be skeptical in taking the plunge and giving direct control of a critical resource to an external party. However, once effectively informed as this study illustrates, these solutions are a godsend for businesses – offering guaranteed levels of real-time security, reliability and scalability as part of a robust infrastructure.
Sitting above the surface level is cloud email and web security, tasked with preventing infection by cyber criminals before they can infiltrate your network and compromise critical business data. Cloud email and web filtering spearheads a successful multi-layered approach. It is designed to stop cyber criminals in their tracks before you risk relying on your internal firewall and an AV layer. Your best defence is your first defence against sophisticated cyber criminals that are unwavering in their attempts to infiltrate your security walls.
Keep up to date on the latest security trends by subscribing to MailGuard’s weekly update or follow us on social media.