6th May 2019

Employees as a Risk Factor for Cybersecurity

Cyber Sicherheit primärer Risikofaktor: Das Netzwerk der Mitarbeitenden.

and how training and awareness can help prevent it

McKinsey sees insider threats as one of cybersecurity's biggest problems. According to a study, they cause about 50% of incidents, with serious financial consequences for the companies concerned.
There are two types of insider threats: negligent (accounting for approximately 44% of cases) and malicious intent. In order to recognise and counteract negligent behaviour, McKinsey recommends various actions, including:

  • Micro-segmentation: Define high-risk areas and employee segments that have the greatest potential for harm. Work on measures to be taken. This helps to better understand and identify risks and to develop action plans for specific groups of employees.
  • Culture change: In addition to basic training, employees must be trained in cyber security as part of the corporate culture. For example, regular and targeted intervention campaigns are a good idea for improving understanding and learning. The behaviour and attitude of the employees are measured, and action strategies are developed based on this.

The NZZ also recommends targeted training of employees in order to promote awareness of risks and correct behaviour. Employee surveys, for example, make it easier to identify risk groups and develop appropriate measures. By changing the corporate culture, malicious and negligent incidents become less common and the company becomes proactive rather than reactive.

We would be delighted to advise you on how to implement the solutions proposed here.

label
Security awareness
label
Awareness Strategy

Stay up to date with our newsletter and blog subscription:

Thank you for subscribing to the newsletter.
Something went wrong while submitting the form.

Newsletter

Stay up to date with our newsletter and blog subscription:

Thank you for subscribing to the newsletter.
Something went wrong while submitting the form.

RSS Feed

Subscribe to our RSS Feed

Categories

Awareness Campaigns
Awareness measurement
Awareness strategy and concept
Cyber Security
E-learning / Animated movies
Events
Informationsecurity
Security Awareness EN
TreeSolution News
Trends from Practice and Research

Search

Search our website:

Popular posts

Allianz Risk Barometer Report 2024: Cyber incidents the biggest risk
Care4Aware Award 2024 - Apply Now
New NIS2 Directive for increased cyber security protection
Our offer for the European Cyber Security Month 2023
Why Standard Security Awareness Tool KPIs Don't Fully Represent Your Security Culture

Related articles

10th November 2020
category
Awareness strategy and concept
label
Blog Post
label
Change Management

Change management strategy as a success factor

A change management strategy helps in the planning and implementation of security awareness campaigns and projects, as well as in the creation of a security awareness strategy. We explain what it is about and what you should remember.

...

6th November 2019
category
Awareness strategy and concept
label
Blog Post
label
Information Security Management

How to manage a cybersecurity culture

Functional IT security isn’t enough - Employees must also be properly trained. This process begins with proper management of the security culture. Do you know what this process looks like and have you already implemented it?

...

4th September 2019
category
Awareness strategy and concept
label
Blog Post
label
Awareness Strategy

Security culture: what it is and how you can benefit from it

In addition to technical cybersecurity solutions, the correct behavior of employees plays a key role. This behavior is underpinned by an active security culture. Read here what a security culture is, how it is implemented and why it makes sense to build a cyber security cultre.

...

All articles
TreeSolution Security Awareness AG
www.treesolution.com
+41 58 510 98 00
info@treesolution.com
+603 4149 8128
info-apac@treesolution.com
Information
Home
About us
Publications & Talks (PDF)
Partner Program
Case Studies
Downloads
News & Blog
Contact
Privacy Terms
General Terms and Conditions (GTC)
Solutions
Security Awareness
Awareness Strategy
Security Awareness Measurement
E-Learning
Awareness Campaigns
Phishing Training Service
Chatbot Training Service
Become a member
Security Awareness Club
Social Media
Subscribe to our Newsletter
Subscribe to our RSS Feed
TreeSolution LinkedIn Profile
TreeSolution YouTube Channel
TreeSolution Pinterest Profile
X
In order to be able to optimally design and improve our website for you, we use cookies. By continuing to use the website, you agree to the use of cookies. For more information about cookies, please read our Privacy Terms.