Featured Product
This Week in Quality Digest Live
Management Features
Andy J. Yap
When organizations merge, people must come together
Gene Russell
Resources to help increase your financial literacy
Michael King
Augmenting and empowering life-science professionals
Meg Sinclair
100% real, 100% anonymized, 100% scary
Mike Figliuolo
The customer isn’t always right

More Features

Management News
For companies using TLS 1.3 while performing required audits on incoming internet traffic
Accelerates service and drives manufacturing profitability
New video in the NIST ‘Heroes’ series
A tool to help detect sinister email
Developing tools to measure and improve trustworthiness
Manufacturers embrace quality management to improve operations, minimize risk
How well are women supported after landing technical positions?

More News

Quality Digest

Management

Who Is at the Highest Risk of Being Hacked?

A cybersecurity expert offers guidance

Published: Tuesday, February 7, 2023 - 12:00

(NordLocker: Panama City) -- With the human element being the reason behind a whopping 82 percent of data breaches, employees are the weakest link when it comes to organizational cybersecurity. While every employee is essential for watertight security, people from some departments are much more lucrative targets for cybercriminals than others.

“From receptionists to the C-Suite, every employee should be treated as an important chess piece when it comes to cybersecurity. But cybersec training and tools should be based on equity, not equality, and tailored to each department and role because exposure to outside threats and access to certain types of information varies greatly inside every company,” says Oliver Noble, a cybersecurity expert at NordLocker.

Here, Noble outlines which departments are at the highest risk of being hacked and breaks down what makes them more prone to cyberattacks.

Marketing

With marketers being the company’s outward-facing voice, they are some of the easiest targets for cybercriminals. More often than not, the email addresses and other contact information of marketers are out in public and easily accessible, which makes them a low-hanging fruit for hackers to leverage in their next phishing attack.

People working in marketing are also much more likely to fall for a phishing attack by clicking that malicious link or downloading suspicious attachments. Because marketing departments are very likely to work with third-party vendors, receiving emails from outside sources is often a part of their routine, making it easier for a phishing email to blend in. And it only takes one slipup for malware to make its way into the network.

The C-suite

The highest-ranking executives are an obvious choice for cybercriminals. They are usually the ones to have unrestricted access to the most sensitive company files, which if accessed by a person with bad intentions, could spell doom for the company’s future.

However, most often, it is not the executives themselves that let malware into the network, because their access points and contact details are protected by additional threat mitigation measures compared to the average employee. However, that can’t be said about people in their closest circle, such as their assistants who often have similar, if not the same, access credentials to internal documents but lack the same cybersecurity measures as their boss.

IT department

The IT department often has wider access to the most critical business data when compared to other branches, including important credentials, and encryption keys, which makes them exceptionally lucrative targets for cybercriminals. Apart from that, people working in IT are responsible for handling the entire company’s digital infrastructure, which if exposed to hackers, could shut the entire company down and hold it hostage in a matter of minutes.

How to safeguard your business from a cyberattack

According to Noble, people can avoid many data breaches by following simple steps to improve cybersecurity:
• Encourage cybersecurity training. Investing in your employees’ knowledge is one of the fastest ways to prevent a cyberattack from happening in the first place. It should be organized regularly and have a holistic approach that covers every single employee.
• Adopt zero-trust network access. The mindset of “trust none, verify all” is based on the zero-trust paradigm and is applied through identity authentication to access work equipment and resources, network segmentation, and access control management.
• Implement and enforce periodic data backup and restoration processes. An encrypted cloud might be the most secure solution.
• Enable multifactor authentication. Known as MFA, it serves as an extra layer of security. It is an authentication method that uses two or more mechanisms to validate the user’s identity—these can be separate apps, security keys, devices, or biometric data.

For more about how to safeguard your operation, visit NordLocker.

Discuss

About The Author

Quality Digest’s picture

Quality Digest

For 40 years Quality Digest has been the go-to source for all things quality. Our newsletter, Quality Digest, shares expert commentary and relevant industry resources to assist our readers in their quest for continuous improvement. Our website includes every column and article from the newsletter since May 2009 as well as back issues of Quality Digest magazine to August 1995. We are committed to promoting a view wherein quality is not a niche, but an integral part of every phase of manufacturing and services.