Advanced security collapses like a house of cards if your users are not trained in digital hygiene
Strong basic security is a regulatory requirement. That starts with digital hygiene training for your employees. This necessity has grown as cyber-attacks are occurring at the drop of a hat. Both large and small organizations can sense the upcoming threats. In response, they choose to rush to advanced security. But that high-end cybersecurity gives a false sense of security if the basics aren’t on point.
A digital hygiene training course
Becoming familiar in a digital environment does not come naturally to everyone. Everything happens so quickly that small details are easily overlooked. That is why it is important for companies to help its employees get familiar. Digital hygiene training ensures that users are aware of the dangers of technology. You do this with a smart approach. After all, you obviously don’t want them to get frightened within their work environment. The goal is to protect both your organization and your staff. You can read all about digital hygiene in this blog.
The importance of solid basic security
Large organizations have the resources to implement top-notch security. But that does not mean they are immune from digital crime. Employees play a big role in preventing or allowing a cyberattack. Now and then, that goes terribly wrong.
Let’s examine the cyber attack on U.S. mobility company Uber in September 2022. A Phishing attack a few years ago caused an Uber employee’s username and password to be hurled onto the Dark Web. An 18-year-old hacker bought the stolen data and got to work. Fortunately, all Uber accounts were secured with Multifactor Authentication (MFA). Perfect, nothing wrong! Right? False. The employee received a plethora of daily notifications on his app to approve login attempts. Despite not being it himself, he eventually accepted. Bam! The loot is secured. Swiftly and innocently, great chaos ensued. The young hacker wiggled his way into Uber’s entire system. The total damage is unknown at this time. Chances are he gained access to large databases of personal data.
That leads us to 3 human errors in the story:
- Struck by a devious Phishing email. Quickly and unobtrusively, login credentials were stolen.
- Hackers were after his login credentials. By leaving his passwords unchanged for a long period of time, he was an easy prey.
- Due to the many login requests he received, he eventually gave in. The phenomenon is also described as an MFA Fatigue Attack.
Avoiding a false sense of security
The bottom line: human error plays a major role in causing a cyber attack to fail. Advanced security technology does its job 99% of the time when properly configured. But if basic security combined with digital hygiene is not on point, then you’re filling a bucket full of holes. The amount of Phishing attacks are proof of this. If they were not as effective, the number of cases would not have risen so sharply in recent years.
At Safe-Connect, we also recognize the need for Digital Hygiene is growing. Therefore, our customers benefit from Digital Awareness Training with Awaretrain. An E-learning platform to identify and take action against digital dangers step by step. They are provided with useful tips to become familiar in their work environment. Using teamwork, they take the next step towards a safer organization!