Security culture and the human element of cybersecurity
Identify the risks and vulnerabilities posed to your company by remote and hybrid work
Read time: 4 minutes
Over the past decade, digital transformation has been a core focus for growing industries. From eCommerce to online education, medical records to app-based insurance claims, companies across industries have been on a steady trajectory of technological growth. But in 2020, slow and steady growth became fast and furious change. The way the world works was altered virtually overnight ... and likely for good.
Today, 72% of organizations offer hybrid work options for employees, and 43% say they will keep hybrid work options going forward.
While there were many variables involved in the specifics of how companies responded to this tipping point and its ramifications, three overarching trends have emerged:
The rise of remote and hybrid workforces
The need for ubiquitous, accessible information
The evolution of company culture
Unfortunately, the quick pivots and band-aid solutions that got organizations through the pandemic until things “got back to normal,” weren't long-term solutions to build a secured, sustainable future in this new era of borderless work. Today’s companies need to understand their vulnerabilities, mitigate their risks, and drive a security culture that supports their people and protects their information.
The human element of cybersecurity
According to Verizon’s latest Data Breaches Investigations Report (DBIR), 82% of data breaches involved the human element such as stolen credentials, phishing, misuse, or simply a mistake in which information was exposed.
Mistakes are an essential part of the human experience — a valuable source of learning and growth. However, in cybersecurity, even small mistakes can lead to huge consequences. Potentially damaging missteps too frequently go unaddressed with organizations that don’t have a thorough understanding of what’s at risk. This challenge has been heightened exponentially due to the prevalence of remote working.
According to IBM Security’s 17th Annual Cost of Data Breach report, the average cost of a breach was $1.07 million higher in breaches where remote work was a factor in causing it. When employees are away from the office, they tend to be less mindful of security best practices and may adopt bad cybersecurity habits. These bad habits combined with the lack of appropriate security controls at home cause more frequent and more costly breaches.
Ransomware is always just a click away
A devastating data breach can happen to anyone. And the likelihood is greater than ever.
Verizon’s 2022 DBIR stated that ransomware has increased 13% in breaches, greater than the last five years combined. All it takes for a cyber attack to begin is for one employee to click on a phishing email or respond to a social networking message. And it’s easy to do. Hackers are clever — messages often come proxied and it can appear as if they are coming from another employee, or even the employee’s supervisor or CEO. One click grants the access, and the attack begins.
Ransomware is a type of malware that is designed to deny a user access to their computer files – typically, attackers encrypt these files and demand a ransom payment for the decryption key. Common routes ransomware uses to invade your network include credentials, phishing, exploiting vulnerabilities, and botnets.
Remote work has heightened the risk of ransomware and other malware due to employees sharing home office space, printing confidential documents on shared devices and the forming of unintentional bad habits as they give priority to completing tasks over best security practices. As ransomware attacks continue to increase in frequency and sophistication, organizations must focus on educating their people and having good processes in place that help eliminate the likelihood of an attack.
Article: How to detect ransomware
Article: How to handle a ransomware attack
Want to learn more about ways to protect your organization from cyberattacks? Explore Ricoh’s RansomCare solutions, or contact us for more information.
- 1PwC, PwC Pulse Survey: Executive views on business in 2022, January 2022.
Recommended for you
Digital documents and managing the risks of ransomware
The risks of ransomware have skyrocketed as documents and data have gone digital like never before. Let Ricoh and Aberdeen help you assess your data security.
What is cybersecurity?
Cybersecurity is becoming increasingly important with the recent acceleration of remote work. Learn all about cybersecurity from Ricoh.
Part One: A risk-based approach to cybersecurity
This is Part One of a series of the benefits of a risk-based approach to cybersecurity, how to measure success and how to make it work for you.