This October is cybersecurity awareness month, and it’s our job to educate all members of the Fordham community on how to and why you should be cyber safe. Students, staff, and faculty have the opportunity to be the first line of defense in protecting our organization as most cyber crimes begin with human error. As hackers become more advanced, so do the tools we use to fight them, leading many cyber criminals to rely on human error to deploy malware.
According to the Cybersecurity and Infrastructure Security Agency, 90% of all cyber attacks begin with an employee falling for a phishing email. Forbes reports that for data breaches, “the human element” still makes up the majority of incidents (74%).
While an aware workforce can’t replace the IT department, most attacks, like phishing and password breaches, target end users directly. This is why cybersecurity training is imperative to managing risk within an organization. Employees are required to annually complete Terranova Security Training, a series of online courses on protecting sensitive information, preventing security incidents, and how to maintain cybersecurity standards while working from home.
However, according to ISACA, the best way to promote long term awareness in cybersecurity is through real world case studies. When employees know the impacts of breaches in the real world, they’re more likely to understand the purpose of cybersecurity training and implement behavioral changes to best secure the organization. Even non-technical employees can keep up with current events in cyber (by subscribing to our security blog) to see concepts like least privilege and continuous monitoring in practice.