Cyber attacks remain a growing threat. The sophistication of attacks is increasing and report after report indicates that companies are more at risk than ever before.
In one survey of 5,400 IT decision makers across 30 countries, 37% of respondents said they had been affected by a ransomware attack in the last year alone.
Software-as-a-service assets are at particular risk. According to one report, 40% of SaaS assets are at risk of a cyber attack because of poor management.
Despite the threat cyber attacks present and the risks to SaaS data, companies remain unprepared to defend themselves. Studies indicate companies lack the cybersecurity measures necessary to prevent an attack and the cyber resilience strategy necessary to maintain business operations when an attack hits.
Let’s take a look at cybersecurity and cyber resilience and how measures like SaaS protection and having a SaaS backup can ensure companies are able to weather the storm when tragedy strikes.
There are a number of cybersecurity measures companies can implement to better protect themselves. These include the basics like inventory and control of hardware assets, inventory and control of software assets, and maintenance, monitoring and analysis of audit logs; and other measures like privileged access management, application software security, and penetration testing.
However, in a recent report, security awareness training was cited as the most important cybersecurity measure organizations can implement. Despite its importance, other reports indicate security training is lacking.
In one recent survey, 69% of respondents reported they had received cybersecurity training from their employers. However, when quizzed on cybersecurity basics, 61% of those respondents failed.
Another survey of employees in Australia, Hong Kong, New Zealand and Singapore found that only half believe their managers do not stress the importance of good security practices. Meanwhile, 59% of security and IT managers at those same companies believe they are ‘ticking the security compliance box’.
Cybersecurity training is one of the most cost-efficient ways to reduce the risk of breaches and security incidents. Keeping employees informed about the latest threat intelligence and attack methods is essential for mitigating cyber attacks. Cybersecurity training helps eliminate risky behavior and instill security company-wide best practices. In order to be effective, cybersecurity training should cover topics like email, unauthorized software, passwords, social engineering, personal devices, and social media.