Ostensibly advocating individual awareness of issues surrounding internet use, Safer Internet Day is nevertheless a good opportunity for enterprises to reflect.
Safer Internet Day began in 2004 as part of an EU project called SafeBorders, and aims to raise awareness around emerging, topical internet issues. Originally a European project, the event now takes place worldwide, supported by the likes of Microsoft, Netflix, Twitter and more.
So, what are the internet-based threats most important for businesses to be aware of today? According to Joy Beland, Senior Director, Cybersecurity, ConnectWise, “the biggest threats today are business email compromise and extortion – mainly ransomware. There are many good resources to guide you in protecting yourself from these, and the solutions are not just technical. Yes, you can add an email filter or strong endpoint malware protection, but all it takes is one person not paying attention, and credentials get compromised or malware is given permission to install. Education about what to watch for, like validating the sender’s email address and being careful to click legitimate websites when scrolling through search results, are key to staying safe.”
It’s also a question of culture, with social engineering able to take advantage of the hierarchies present within organisations. “IT security tools are not infallible against human behaviour so businesses need to also apply security to their business practices,” says Jan van Vliet, VP and EMEA at Digital Guardian. “A business’ first line of defense is its employees. Malicious individuals are abusing the fact that junior staff implicitly trust their seniors and that they fear for their jobs if they do not act quickly as instructed. As a first resort make sure your staff are trained to require third party validation for any financial transaction or introduce payment procedures requiring multiple sets of independent eyes. You must put in place processes and beliefs that when out of the ordinary requests come through they should be questioned."
One possible solution to such threats is automation, thus removing the potential for human mistakes, as Rob Mellor, vice president and general manager EMEA, WhereScape, explains: For businesses looking to maximize the value of their data and keep it safe, data automation software is a great option. Data automation significantly reduces the amount of manual coding, allowing IT staff to dedicate more time to deliver results for the business. In addition, data infrastructure automation also aids in data privacy and compliance. Automation does this by enabling businesses to know where each piece of data sits and who can access it, as well as tag it and track its lineage in order to have a complete picture of how it is being used.”