Is your network safe from yourself?
Every IT company focuses on network security, they preach the need for firewalls, anti-virus and anti-malware along with a host of other tangible network security lockdowns your company should implement but few of them concentrate on the real vulnerability in most organizations, the users.
Cybercrime is rampant and big, big business. More than ever before your users are the weakest link in your network and the biggest risk to your company's security. According to Verizon, 67% of cyber espionage started with a phishing email. A user clicking on a link that looks real but in reality starts the process of wreaking havoc on your network. Often times this will go one for months or even years before it is exposed.
I’m pretty sure you’ve heard of the huge data breach at Target. They estimate that about 42 million people had their information stolen. 42 Million! I bet you never heard of Fasio Mechanical. I bet that you didn’t know is that the breach happened because of a small business, a business like yours and mine. Fasio Mechanical is an HVAC contractor in Pennsylvania that unknowingly let the bad guys into the Target network.
You’ve also probably heard of Ransomware or Cryptolocker. Ransomware has hit nearly 50% of all organizations in the last 12 months. The ransomware business is booming. If you’re a bad guy you can even go to a website and cook up a ransomware attack with just your credit card.
Your network is like your building, anyone with a key can get in and once in then they are free to move around the building unimpeded. Every one of your employees has a key as does each of your vendors that have a device on your network.
So how can we help?
Contact us today for free baseline testing of your users. We will let you know how prone they are to click on a phishing email by sending them a simulated phishing attack.
Email Exposure Check
The one-time free exposure check will tell you what email addresses in your company are exposed on the Internet and available for cybercriminals. The more of your companies’ email addresses that are exposed the bigger your attack footprint is and the higher the risk to your company.
Domain Spoof Attack
This one-time free domain spoof check will show you if the cybercriminals can take those exposed email addresses and send email as one of those people. This is where “CEO Fraud” and spearfishing start. Now they can send all of your employees an email that looks official, they social engineer your users into clicking on a link.
We can work with you on a number of fronts and that’s what is needed to keep your company secure. Security is not a technology problem it is a human problem. We work with your users to make sure they understand the mechanisms of cyber security and how they can apply that knowledge in their day to day activities on the job.
- User Security Training
One-time training is not enough today’s environment requires on-going training and testing.
- On-going phishing testing for all email users
- On-going online cyber security training including any or all of the following topics
- PCI Compliance
- CEO Fraud
- Strong Passwords
- Handling Sensitive Information
- Mobile Device Security
- Credit Card Security
- GLBA Security Awareness
Safe Web Browsing
- On-Going Phone Phishing (Vishing) testing
- USB Drive Tests
- Full reporting on user’s activities in order to educate them better and protect your network.