Financial Managers Society’s latest issue of Forward features Baker Tilly’s Mark Boettcher in an insightful take on cybersecurity, social engineering, breaches and the importance of diligent, ongoing cybersecurity education and awareness within an organization.
When most people think about cybersecurity breaches, there’s a tendency to focus on the big splashes – the major customer data heist at a national retailer or the global ransomware attack that threatens to shut down businesses of all shapes and sizes. Yet while community institutions certainly need to keep their guard up against these types of large-scale, high-profile assaults, the real threat to their day-to-day business likely lies in a far more pedestrian, run-of-the-mill scenario that might play out something like this:
Jim in accounting clicked on a bad link in an email.
It’s not exactly the kind of riveting, torn-from-the-headlines type of incident that screams out for a Movie of the Week, but the truth is that this kind of boring everyday miscue is, without question, the most likely way in which a community institution is going to become a victim of a cyberattack. According to a 2017 data breach investigations report by Verizon, 43% of hacks employ social engineering tactics to prey on unsuspecting or error-prone employees. When successful, those breaches can range in cost from significant to devastating for a community institution, incorporating not only direct monetary losses, but litigation costs, remediation expenses and reputational damage as well.