We’re all aware that cyber risk exists. However, we’re more likely aware of cyber threats and attacks at our place of business, and it’s not always obvious how those risks follow us throughout our day.
Every year, Verizon presents a Data Breach Investigations Report According to the 2016 report, many cyber vulnerabilities include human error, such as the 9,576 total phishing incidents with more than 900 resulting in data disclosure.
Since about 2009, hacking, malware and social channels have skyrocketed as the primary means of those breaches. As we said, it’s often human error that makes people and companies vulnerable to these threats through mistakenly opened messages, publishing sensitive content and so on.
With a little more insight into the various ways cyber criminals attack systems, you can take extra precautions to protect your personal and company data in your day-to-day dealings at work and at home.
Malicious Emails and Identity Theft
Your company’s network is likely much more secure than your home network. The problem is, many executives spend at least some time working from home these days, potentially leaving company data on your home computer, laptop or mobile device more vulnerable to attacks.
Phishing, for example, is one type of attack that exploits communication for a breach. An innocent-looking email is sent to an individual with the intent of getting them to take action they normally wouldn’t.
One potential consequence of phishing could be identity theft. According to the Bureau of Justice Statistics, 7 percent of people over the age of 15 were identity theft victims in 2014. In serious cases, a victim could end up with their bank account hacked and their identity compromised after opening a harmless-looking phishing email.
Another potential consequence is your company’s privileged credentials being compromised, including access to your company’s crucial systems and data.
Social Media and Cybercrimes
On another side of cyber risk are your daily social interactions—business or personal—which can come back to bite you.
You may be familiar with Kim Kardashian West’s recent debacle of being robbed at gunpoint in a private bedroom in Paris. According to reporting from CNN , the celebrity’s social media habits are partly to blame, at least as far as the thieves knowing what they were after.
Kardashian West was known for her prolific tweets and other social media updates, and she’d been posting frequently about her whereabouts and activities during Paris Fashion Week. This certainly made her more vulnerable to those with malicious intent.
On the other end of the spectrum, business email compromise (BEC) targets companies that tend to perform wire transfers.
Cybercriminals manage to mimic emails from a company’s decision-makers that seem genuine based on facts the attackers have gleaned from company social media accounts (like if they are in a specific location for a specific event). They typically ask for specific payment transfers from those who have the ability to perform transfers.
According to FBI statistics, BEC has cost more than $1 billion in losses from October 2013 to May 2016.
Training and Insurance Investments Can Minimize Risk
We’ve talked about these types of cyber risks before, and how training and insurance can help minimize risk.
Take the time and extra steps in your daily routine to ensure that your cyber risk management applies not only within the walls of your company, but also to outside key staff.
This might mean implementing cyber risk management training to better inform employees on how to handle devices (like laptops and smartphones) outside of work. (See the Verizon report from the beginning for data on how these devices can be compromised.) Also consider training executives on the importance of discretion when using social media.
The good news is that insurance can cover some BEC situations under your regular crime policy with modifications. For a greater understanding on cyber insurance and how it can help you transfer even more cyber risk, check out this series on the topic.