It seems that every day, there are more news stories about companies that have had some sort of data loss incident. Unfortunately, it can lead to becoming numb to the news. However, ignoring the increasing risk associated with data loss is not a solution, and should result in doubling-down on security efforts.
A great place to start is to analyze the ways in which data loss can occur. As discussed in our Cybersecurity Awareness Training sessions, in their 2018 Data Security Incident Response Report, the law firm of BakerHostetler provides a breakdown of how data was lost during confirmed data loss incidents:
- Phishing, 34%
- Network intrusion, 19%
- Inadvertent disclosure, 17%
- Stolen/lost device, 11%
- System misconfiguration, 6%
Of these, three of the causes (phishing, inadvertent disclosure, and a lost or stolen device) totaling nearly 2/3 of all incidents have little or nothing to due with technology – they are all due to user behavior! The best and most up-to-date firewall in the world can’t stop an employee from leaving their laptop in an unlocked car.
This is why user education is the single most important security tool in your arsenal, and why Suite3 has made training classes free to our clients. We have taken a summer hiatus for the regularly scheduled classes in our office, but will be conducting private training sessions for individual clients throughout. If you’d like more info on having us conduct a Cybersecurity Training session for your business, please reach out to us today!