In House - The FindLaw Corporate Counsel Blog

How to Avoid Self-Inflicted Cybersecurity Wounds

Surprising as it may seem, the next cybersecurity breach will probably come from the inside.

That's because employees are often the source of the problem; they don't practice safe-internet. Disgruntled workers, too, may leave behind viruses that are harder to get rid of than an STD.

So if your company has a tendency for self-inflicted cyber wounds, the first thing to do is remove all the sharp objects. This is the inside story about how to fight cyberattacks.

Trojans and More

"Trojans" started with an ancient wooden horse -- not a prophylactic. Fast-forward past the misnomer, and now they are malicious programs that get into your computer system.

Like most cyberattacks -- ransomware, phishing, and viruses -- they come through the front door. Typically, an employee invites them in when they open an email, download an attachment, or visit a web site.

How to fight these invasions? In a word, training, training, and training.

"Security awareness training is often overlooked but is as important as any anti-malware system within an overall security strategy," writes Michael Trachtenberg for Forbes.

Ongoing, Remediation and More

Trachtenberg, a chief technology officer, recommends a training site with ongoing and remediation training. Build a cybersecurity training curriculum, too.

"Have these training lessons built into the onboarding process, and hold people accountable for learning the material," he says.

Cyber accountability begins at the door -- where workers start and end their jobs. If you have employees who don't take cybersecurity seriously, you may have to show them the door to a safer location.

If the people of Troy had looked a little closer, they probably would have seen the enemy inside that wooden horse.

Related Resources: