As data breaches and the loss of personal information become more ubiquitous, the importance of cybersecurity inside the workplace has become increasingly imperative.
Continue Reading Below
According to the 2018 Data Breach Investigation report released by Verizon, there were more than 53,000 incidents and 2,300 breaches in 2017, with almost 75% of those perpetuated by outsiders.
The issue of data privacy came into the light again after reports emerged in March that Facebook had inadvertently allowed the political consulting firm Cambridge Analytica to collect and misuse the data of more than 87 million users.
So what can companies do in order to protect themselves? Verizon’s global head of cybersecurity, John Loveland, suggests starting with employees and training them to be vigilant of how hackers can breach the system.
“The first step is really to understand the true nature of the treat you face as a company,” he told FOX Business’ Dagen McDowell during an interview on Tuesday. “Beyond that, clearly there’s technical solutions that can be employed. I think a whole lot of companies fail to recognize the people aspect of it.”
In 2017, not only did phishing attacks – the practice of sending fraudulent emails purporting to be from reputable, credible companies in order to entice individuals to reveal personal information – increase, but the emails tended to be better and more realistic appearing, he said. In order to combat that type of scam, companies need to train their employees on how to be cyber aware.
“Most of the malware attacks start from a person clicking on an email. You’ve got to really realize the first and last line of defense in cybersecurity attacks is the people side,” he said.
But companies also need to be aware of potential fixes, Loveland warned. He pointed to Equifax, which came under fire for allowing the personal information of 143 million Americans to be compromised. The credit reporting agency, it was later revealed, had a security patch to fix the vulnerability two months before the attack, but chose not do so.
“A fatal flaw for a lot of companies is not keeping up to date with the latest patches to software that expose them to security vulnerabilities,” he said. “We saw, and this happened with the Equifax breach last year, one of those marquee attacks that got a lot of people’s attention. And it came down to a failure in their patching of certain software that created the vulnerability that was exploited.”