Effective security management combines technical protection with human factor engineering. Would you be surprised to learn that exploiting human flaws contributes to a greater majority of system hacks than technical breaches? That’s right. If you’re only focusing on system-level protection, you’re leaving a huge gap in your security framework.
According to a recent report from Proofpoint, The Human Factor 2015, “most advanced attacks rely as much on exploiting human flaws as on exploiting system flaws.” End users, who use email, interact with social media, and visit URLs, are vulnerable to exploitation. Clicking without thinking can yield disastrous results.
According to the article, on average, one of every twenty-five malicious messages delivered is clicked by end users. No organization is immune. All industries are targeted. All roles are targeted, with a particular emphasis on middle management. Every department is a target.
The most-clicked email allures are communication notifications such as e-fax and voicemail alerts. Other lures include social media invitations, order confirmations, and email lures that employ attachments like invoice or account statement.
One way to mitigate this risk is by implementing an end user security awareness training program and making it evergreen – one requirement of HIPAA security compliance. Orion Group, as part of our arsenal of software tools, sells and supports a cloud-based, eSecurity training program designed for just this purpose. Ask us for a demo.
Orion Group Managed Services offers Security Management consulting support and assists our customers in its design and implementation. Schedule a consultation today with one of our experts to get your organization on the right track.
Reference: The Human Factor 2015, author Proofpoint.