#DTX Tech Predictions Mini Summit: How to Build a Strong Cybersecurity Culture

The ways organizations should go about establishing a strong internal cybersecurity culture was discussed by a panel during the Tech Predictions Mini Summit.

The speakers firstly acknowledged that cyber-criminals are increasingly exploiting the lack of security awareness amongst staff to target organizations. Javvad Malik, security awareness advocate at Knowbe4, outlined social engineering attacks and credential stuffing attacks as among the main vectors he sees employed, methods which trick users into clicking on a malicious link or giving away crucial information.

Marianna Pereira, director of email security products, EMEA, Darktrace agreed, noting that “what we are seeing is that attackers are really tapping into those basic emotional responses that we’re prone to have, whether it is a sense of urgency, fear, doubt and uncertainty.” She also observed that criminals are leveraging trust in these attacks, for example by gaining access to a corporate email account to send phishing links to unsuspecting customers. “The recipients will trust the source and therefore be more likely to engage with that,” she added.

Recognizing that staff are often the biggest risk to organizations, and taking steps to improve basic cybersecurity understanding and behaviors, is therefore critical. Martyn Booth, CISO at Euromoney Institutional Investor, said that simply outlining secure behaviors is not enough; to create real change staff need to appreciate why such practices are important in order “to bring them along the journey.” With this in mind, at Euromoney, sessions have been brought in that show staff how they can be more secure in their personal lives “in the thought that ..

Support the originator by clicking the read the rest link below.