Unfortunately, humans can be a significant threat vector. TechRepublic spoke with Eric Cole, CEO of Secure Anchor, about how businesses can protect their employees while online and at work.
"Make employees aware they are a target," Cole said. Many employees are naive and believe they aren't "important enough" or high enough up in a company to be a target, and that's exactly what a hacker wants them to believe. Hackers are going to go after the easiest person and it only takes one click, he added.
Though it may be controversial, Cole said companies have found a lot of success with limiting and filtering out attachments and embedded links from external sites.
"Those are the two biggest sources of compromise, and most of the attachments—when we've actually done the research—are not legitimate," he said. "By limiting or blocking attachments and embedded links, companies always say, 'Oh, it'll have a huge impact" and it's always less than what they think the impact is, and the security benefits are huge.'"
- 42% of the most popular websites are vulnerable to cyberattacks (TechRepublic)
- Report: Email attacks increasing, but none as much as impersonation phishing (TechRepublic)
- Resilience to phishing attacks is failing to improve (ZDNet)
- Guidelines for building security policies (Tech Pro Research)
- This phishing attack pretends to come from someone you trust (ZDNet)
Dan Patterson has nothing to disclose. He does not hold investments in the technology companies he covers.
Dan is a Senior Writer for TechRepublic. He covers cybersecurity and the intersection of technology, politics and government.