Imagine when a woman walks through the front door to tell you that she had just been in a car accident, that she was working at the front desk of a tech company. You ask if there is anything you can do that can help, but she says it doesn’t matter and asks if you can take her to the bathroom.
Later, you discovered that the woman had inserted a flash drive into an unattended computer and infected their entire business system with destructive forms of malware. This weird, well-designed situation is a demo (hosted by a cybersecurity professional I know). It shows employees that not all network attacks are carried out remotely.
Misunderstanding 1: The cybersecurity team will protect me.
Many employees think they are not special, so they delegate the job of protecting themselves and the business to others. However, when each employee uses multiple connected devices and hackers increasingly target people across the company, there is no excuse.
Misunderstanding 2: IT specialists will not be fascinated by cyber attacks.
Many companies believe that a well-trained IT team is all they need to protect themselves from cyber attacks, but that’s another damaging myth. As Boldin explains, “Even professionals are vulnerable to social engineering attacks. People will always look for simple ways to do things, including IT professionals. Multitasking and everyone’s security will not always be our full focus.”
That is why Boldin recommends “continuing education” for the entire company. Not just annual compliance training, which he calls “the new standard.”
He believes that frequent and continuous “hands-on training” is the most effective way for companies to maintain security.
Misunderstanding 3: Cyber attacks are limited to the digital world.
The scene at the beginning of this article is indeed very incredible. However, once we return to the office, we must remember that physical security is a key part of any powerful network security platform. Causes of many of the major vulnerabilities are strategically placing flash drives, laptop theft, or other forms of physical penetration.