Another day, another major cyber attack.
The pro-cheating dating website Ashley Madison is just the latest company to suffer a huge security breach possibly exposing the personal details of millions of users worldwide.
As these types of incidents become more common, companies are increasingly investing in cyber security protections. But even with the best systems in place, hackers can still easily break into a company’s network if workers aren’t also being diligent about security.
There are two things that every employee should be doing to help keep their company safe from cyber criminals, Chris Young, general manager of Intel’s Security Group, told Business Insider.
“Think before you click. That is the number one thing that every average employee in an organisation can do,” Young said.
Humans are still the weakest link when it comes to an organisation’s security, according to a survey of security professionals by Intel published Monday. According to the report, successful attacks against companies most often stem from three things: User errors caused by lack of awareness, unofficial use of online services, and using social media sites at work.
Basically, employees are clicking links they shouldn’t be, which can give attackers a way in. One way attackers get in is through the inbox.
“Emails are the number one way that attackers are getting in,” Young said. “They [cyber criminals] are crafting emails and attaching malicious files to those emails and their entry points into these organisations is often through tricking the average user or click on an email attachment and launch a malicious file.”
But these dangerous emails are not as easy to spot as they once were. Cyber criminals have gotten much better at disguising malicious email to make it look more legitimate. So employees need to be vigilant and ask questions about all of the email they receive that raises even the slightest suspicion, Young said.
“You should ask why am I getting the email? Why is there a file attached to it? Why am I being asked to click on it? And you should ask all of this before clicking,” he said.
The second big thing that employees should do to help keep their company safe is to make sure to report any suspicious emails or attachments. And if someone does click on a link or download a file that raises eyebrows, report it as soon as possible so that the company’s security team can investigate quickly.
“There is a huge element that if you are good at quickly identifying a breach and are able to do something about it you can potentially contain it and possibly stop it before the attackers are able to achieve their goal,” Young said. “So if the average employee smells something they should report it.”
Business Insider Emails & Alerts
Site highlights each day to your inbox.