Page 105 - Cyber Defense eMagazine June 2024

Phishing and cyber-attacking

            Phishing is a technique to acquire confidential data through deceitful solicitation in an email or website.
            This data can be login details or personally identifiable information (PII), acquired by a phisher posing
            as a reputable person.

            Cyber-attacking occurs when attackers find bugs or system vulnerabilities in an organization and then
            exploit them fully. These vulnerabilities or bugs arise due to insider threats such as a lack of
            awareness, negligence, and hasty errors caused by stress, overwork, or lack of common sense.



            Unregulated Data Access

            Employees’ unregulated or unauthorized access to an organization’s data can result in misuse and data
            changes. Organizations should grant data or system access only to the systems and employees that
            require it and have been assigned it. This will result in better data management and coordination.
            Besides these, there are other human errors, such as clicking on unauthorized links, sharing Wi-Fi
            networks, not locking company systems, etc.

            Human error is one of the most challenging aspects of security to de-risk. However, with the proper
            mitigating measures and the latest technology, organizations can detect, prevent, and eliminate most
            human errors in cyber security.



            Mitigating Human Error in Cybersecurity

            Reducing human error in cybersecurity involves multiple layers that address all aspects of human
            behavior, knowledge, and technology. Here are some ways to mitigate human errors in
            cybersecurity:



            Training and Awareness

            Educating employees on cybersecurity measures can help them recognize and avoid potential problems.
            For example, a weekly phishing simulation exercise that educates employees to identify and report
            suspicious emails can equip them to steer clear of phishing attacks, giving them a sense of control over
            their digital security.



            User Access Control

            Limiting access rights based on job duties can reduce the chances of data spillage or unauthorized work.
            For example, if employees can access sensitive data irrelevant to their job, they
            might inadvertently misuse or leak this information, leading to severe legal and reputational







            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.