You’ll often hear the phrase ‘people are the weakest link’ when it comes to cybersecurity. After all, it’s people who click those dodgy links, right … “if only they’d stop and think”!
Don’t the statistics support this view? With almost half of all businesses in the UK falling victim to a cyber breach or attack*, raising to 75% for large businesses, a massive 86% of these are caused by phishing attacks. These use social engineering to lure people into clicking links which then allow the attacker to steal user credentials, credit card details, or to install malware.
But here’s the thing, phishing works because we’re human. We spend our busy and productive days clicking perfectly harmless links from colleagues all the time, and phishing uses tried and tested social engineering techniques, similar to the 'nudges' we see in advertising. We’re all prone to falling victim to these increasingly clever scams, especially when:
- There's some urgency
- They’re directed at you personally
- There’s a threat if you don’t act quickly, or a reward if you do
- It appears to be from someone in a position of authority
- It’s related to a current event, like covid
Incredibly, a third of businesses take no action after a breach, but if you want to reduce any business risk, including cyber security risk:
- How you manage people’s adoption of new technologies, policies, or processes matters.
- How you train them on the awareness of the risks matters.
- How you nurture the right risk management culture matters.
Sysdoc uses aviation principles in all we do, and where risk management is concerned it’s these principles that have made flying the safest form of transport. We can help you reduce your cybersecurity risk by:
- Understanding how Human Factors influence behaviours and decision-making.
- Using Experiential Learning techniques to provide safe learning environments simulating real-world environments and challenges.
- Establishing a blame-free, Just Culture, changing behaviours to encourage and recognise openness and transparency.
- Learning from Experience to ensure continuous improvement.
- Recognising the value of clearly documented and communicated End-to-End Processes and your role in making it work
- Enabling Data-Driven Decisions, providing an evidence base enabling more dynamic, confident decision making.
Why not get in touch to see how we can help reduce your cybersecurity risks before you become one of the statistics.
*Data from DCMS's Cyber Security Breaches Survey, 2020
Latest blog postsSee all blog posts
Sage article: Cloud adoption, why you should work on supporting your employees first
Manufacturers can save time, effort and money through cloud adoption projects. Around one third of UK manufacturers purchased cloud computing services in 2020. Most would have done so to make the most of well-known benefits such as improved productivity, accessibility, reporting and data security, as well as lower operating and IT costs. However, if you’re looking at cloud adoption for your manufacturing firm, it’s really important that your people are a key part of the process. Rather than implementing the changes then informing your employees, they should be involved from the start. Read this article to find out why your employees should play a role during every step of your cloud journey, how to support them, and how to avoid potential pitfalls within your team. After all, you don’t want to get this wrong and pay a hefty price for delays or even lose key people.
Lessons from Consortium working
An introduction to my experience At the beginning of this year, I started a new project working with a new client and taking on a new role for a large transformation programme. I have worked alongside other consultancies on previous programmes in the past, but this was a first for me, working within a partnership from the offset.
Why Process Excellence is key for a successful ERP Implementation
I have been reflecting on my experiences working on ERP implementation/upgrade programmes whilst also listening and hearing to what others have to say. I think back to these projects and notice everyone was working hectically towards the programme ‘Go – Live’ and were under the impression that once they achieved this Go - Live then we have successfully implemented a new ERP System and our job is complete. I think many people can agree with me that a Go – Live date is just the start of the journey. We have got to think about the people, culture, education, efficiency in processes and where can we reduce ‘waste’.