In the past few days, there have been numerous articles on the risks to US Businesses from Chinese Hackers. However, if you dig a little deeper, it becomes very apparent that the greatest risk to most US Businesses is not the Chinese Hackers. Your greatest risk is your own employees! While employees have been losing laptops and thumb drives for years, taping passwords to computers, and leaving files on trains, their use of the internet and social postings has created substantial additional cyber risk. According to a new report by the data security solutions firm Trustwave social posts by employees can help thieves execute a cyber attack. The report warns that, “Posting one’s place of work on Facebook might not seem dangerous, but when combined with co-worker connections on LinkedIn, pictures of office parties from FlickR and check-ins on Foursquare, an attacker can create a very detailed picture of the internal workings of a company without ever setting foot inside.”
This threat makes educating employees much more critical. All of the security measures in the world will be ineffective if your employees are not on board and following them. Education and training are critical. This is not just an IT issue. You must take a more holistic approach to protecting your Company. IT, HR, Risk Management, and every employee must be personally vested in safeguarding the Company’s assets, and their jobs!!