- +1 (246) 248-9636
- services@cyawarebb.com
- #77 Arawak Road, Chancery Lane, Christ Church, Barbados. BB17117
CyAwareBB is committed to advising Organizations on the level of risks posed by Cyber Criminals and advising on the best methods to reduce this risk at the Human Firewall level. We will assist you in creating your Human Firewall.
As a prerequisite CyAwareBB will always ask the CEO or CFO or its Director(s) two questions,
“What is the value of your current data to your organization”?
“ What would be the consequences if your data was lost or restricted from access for a lengthy period”?
If the data is perceived to be of no value to the organization then read no further and it would be assumed that the Data Network could be taken down as a cost savings, however, we all know that it would be impossible to continue business without your data. Your Data & Employees are your two most critical assets.
Data access is now so critical that 5 minutes of downtime could result in a significant loss for any organization where access to data has a high criticality rating.
Some organizations may be able to sustain a data outage of 24 hours, but again there is a loss associated with this outage, it could be reputation, productivity, or customers/clients, these all translate to a financial loss.
Cyber Crime via Phishing affects 1 in every 5 users across the internet and private Networks. This means that Phishing has established the notorious reputation of being the most common form of cybercrime. Reports have shown that half of the users who suffered a data breach fell for a simple phishing attack. Unfortunately, all of these Data Breaches do not remain at the users’ desktops and very often progress to the entire data network, rendering some data networks totally inaccessible, with spiraling losses to the businesses.
This partly explains why the continued prevalence of phishing attacks resulting in data loss remains a high-risk rating for all organizations.
With more users working remotely the risk to organizations has increased at a significant rate where it has now become mandatory to train all users in the awareness of Cybercrime if an organization wants to reduce their Cyber Crime Risk rating.
It has been assessed that within the last 10 years the victim count of Phishing attempts has increased from 6 victims per hour to 97, which represents a 1517% increase.
Implementing Email filters as you sole method of protection can no longer be considered as highly effective in fighting Cyber Crime, email filters have an average 7-10% failure rate; Organizations now need a strong human firewall as the last line of defence against Cyber Criminals.
Without any training to create the Human Firewall users will continue to put their organization’s data at risk.
There are several steps to creating or enhancing your Human Firewall and these normally involve a change of Desktop cultures where users are accustomed to opening every email they receive and clicking on every link provided within the email.
There is also a misconception that Phishing is only done via email.
Voice phishing/vishing –, This is where a caller (the Phisher/Visher) will impersonate a legitimate individual or company to gain information which is used to steal money and personal and financial information. These scams are on the increase and it has been reported that 77 percent of fraud complaints involve contact between the Phishers/Vishers and their targets, by telephone.
Overall it is now required that a significant behavioral change is required to build an effective human firewall against Cybercrime of the Phishing nature.
In the case of companies & organizations the responsibility rest on the management’s shoulders to provide training for their users as an asset to securing their data. Some of the most recent Cyber Crime events, demonstrated that we can no longer rely on the Infrastructure Network Firewall as the sole protector of data.
Many of you spend huge sums of money on your hardware and software firewall infrastructure to prevent cybercrime, but unfortunately you cannot stop at that point and justify your thoughts of being fully protected. You would have reduced your risk but you have not included one of your most valuable assets in your risk reduction strategy, your users/employees.
It would be neglectful of me not to encourage you to enhance your Cyber Protection strategy by training your users in the avoidance of being the victim of malicious attempts via email and other social engineering attempts used by hackers to gain access to you Network and Data.
Let CyAwareBB guide you in the direction in creating an addition risk reduction strategy of that necessary Human Firewall.