Here’s a question haunting CISOs, IT security team members, and other decision makers regarding cybersecurity: what department in your enterprise is the most vulnerable to a digital threat?
Employees are well-known to be the largest attack vector in any enterprise’s digital surface. The prevalence (and continuing success) of phishing attacks and social engineering serves as proof of this. If the most vulnerable employees and departments could be more adequately protected, your entire enterprise could breathe a much needed sigh of relief.
Most cybersecurity observers and experts would assume their finance departments are threat actors’ primary target. Granted, finance is certainly a lucrative and popular target. Hackers often will send phishing emails to finance team members, hoping they will fill fulfill false invoices without realizing the deception.
However, the most likely digital threat target in your enterprise may surprise you; it’s likely your HR department.
Your HR department handles some of the most sensitive information in your enterprise: employees’ social security numbers, tax information, salary information, etc. According to the Verizon 2018 Data Breach Investigations Report, a phishing email to the HR department could give hackers the tools to file false tax returns.
Hackers could then direct the subsequent fraudulent tax refunds to their own bank accounts…causing potential losses in the hundreds of thousands.
Indeed, the Verizon 2018 Data Breach report has noted a worrying uptick in HR department-directed attacks in 2018. In their article on the matter, Business Insider attributes the increase in attacks to a lack of cybersecurity training for HR employees. This reinforces the constant cybersecurity refrain that every employee receives continual and engaging cybersecurity training.
The digital marketplace is a perilous place, and every employee (including your HR department) needs the tools to conduct themselves safely while working within it. Cybersecurity training is a short-term and long-term investment, the benefits of which can be felt for years to come.
Other Resources:
You Need to Hire More Female Cybersecurity Professionals
In Focus: The Desperate Shortage of Women in Cyber Security
Gartner’s 2018 Magic Quadrant for Endpoint Protection Platforms (EPP): What’s Changed?
4 Tips For Endpoint Security Solutions (That Everyone Forgets)
Comparing the Top Endpoint Security Vendors — Solutions Review
Answering the Top 4 Enterprise Endpoint Security Questions
What Can We Expect for the Future of Endpoint Security?
Six Endpoint Security Vendors to Watch in 2018
The 25 Best Endpoint Security Platforms and Tools of 2018
Ben Canner
Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.
- The Best Udacity Nanodegree Programs for Cybersecurity - December 27, 2023
- 7 Best Endpoint Security Courses on Udemy to Consider - December 26, 2023
- The 12 Best Cybersecurity LinkedIn Learning Courses - December 17, 2023
