One of the weakest links in business cyber security is user awareness.

Most businesses spend vast amounts of money on front facing systems.   These are the systems that command the high prices and they are used to keep the cyber criminals away from the critical information and infrastructure of the business.

This is all well and good but time after time we are finding that the technology can not keep that information safe.  If it is badly programmed software or stupid mistakes by ICT people the bad guys are finding ways around the protection.

In more and more cases of cyber attacks the cyber criminals are targeting users and staff, the less protected targets.   Why spend hours or attack time when all they have to do is pick on the innocent, uninformed, uneducated and unaware users who have had little or no training in how to protect themselves.

In recent times we have heard constantly that most of the attacks where critical information has been released to the Internet, it has been through a low level staffer who did not know better.   These attacks are reaping incredible rewards for the cyber criminals.

Not only do most users not understand what is involved in the how to protect themselves but they really do not understand how the bad guys work and why they, the lowly users, are the main targets.

So instead of spending that extra couple of thousand dollars on your firewall, you could spend a couple of hundred dollars on your staff training and have a noticeable increase in your cyber security protection.

Roger Smith, is an educator. Teaching students at ADFA (UNSW) and showing them how vulnerable they are to cybercrime.

He is also CEO at R & I ICT Consulting Services Pty Ltd, an Amazon #1 author on Cybercrime and founder of the SME Security Framework. He is a Consultant who specialises in inexpensive and highly effective security strategies for small and medium businesses and not for profit organisations.

He has developed and authored the SME Security Framework and the Security Policy Training Course which are considered to be the definitive guides to helping SME's protect their organisation using the principles of Technology, Management, Adaptability and Compliance.

Leave a Reply