March 21, 2017

6 Surprising Ways the Rise in Cyber Crime is Linked to Employees

Cyber crime statistics around the world are frightening.

Cyber crime was the second most reported economic crime in the Global Economic Crime Survey 2016 from PwC affecting 32% of organizations.  

A recent crime survey in the U.K. showed that cyber crime offences have increased 8%. Online fraud is a huge issue, and fraud has far surpassed burglary and theft as the highest volume crime.

According to a post, the global cost of cyber crime will reach $2 trillion by 2019, which is three times the 2015 estimate of $500 billion.

But while you often hear that all types and sizes of workplaces and businesses are being attacked, cyber crime trends show that fraudsters are increasingly targeting people directly, according to Katy Worobec of Financial Fraud Action UK. So while it’s important to invest in computer software and other safeguarding systems to stop criminals, the workplace must also recognize that people are the first line of defense.

Here are 6 ways the rise in cyber crime 2016 is linked to employees... and what to do about it.   

  1. Mistakes. Employee errors cause the most data breach incidents in cyber attacks, according to a recent Identity Management Institute report. It just takes one employee to click on a (malicious) link in an email – and compromise an entire network. Create a cyber security plan that includes computer security monitoring solutions as well as comprehensive rules and processes for employees to follow online. Teach employees to recognize ransomware and other scams in on-going security awareness training. 
  2. Insiders. According to the PwC research, almost half the incidents of serious economic crimes were carried out by insiders. To address this, improve security systems, teach characteristics of fraudsters and provide a ‘Tips Hotline’, conduct background checks, and create a culture of security.
  3. Mobile device management. Fraud attempts originating from the mobile channel have increased 173% between 2013 and 2015, according to the 2016 Current State of Cybercrime from RSA. With an estimated 80% of people having a smart phone by 2020, it’s important to put a comprehensive mobile security policy in place now.
  4. Access to information. Access to personal information was one of the categories of computer misuse crimes identified by the U.K. Crime Survey. A comprehensive document management process protects information from creation to destruction. Partner with a trusted document destruction company that has a secure chain of custody for the secure disposal and destruction of paper and digital documents.
  5. Complacency. As one blog post pointed out, complacency is deadly when it comes to workplace security. Protecting against hackers and online thieves has to become the responsibility of all employees, and culture is an essential tool. Support a culture of security from the top down, actively engage employees on the risks of cyber crime, and involve employees in data breach solutions.  
  6. Data breach response. The PwC survey showed that only 37% of organizations have a cyber incident response plan. Without one, employees don’t know what to do when a data breach occurs. Perform regular risk assessments, and create an incident response plan.  

Physical documents also run the risk of being breached by a malicious insider. A Clean Desk Policy is one of the simplest and most effective ways to protect confidential information in the workplace.