We all know a chain is only as strong as its weakest link.  In cybersecurity, that potential weak link is a human.  The best cybersecurity tools in the world won’t protect from a careless employee.  Every day, hackers exploit our human vulnerabilities to create cybersecurity risks. 

To understand the scope of the threat, consider this:  Cybersecurity Ventures predicts global spending on cybersecurity products and services will exceed $1 trillion cumulatively from 2017 to 2021.  Conversely, experts expect victims around the world to incur an estimated $6 trillion in cybercrime damages by 2021.  Certainly all this cybersecurity spending will make a big dent in that number.  Or will it?

Here’s the catch:  all the best cybersecurity tools combined can’t stop everything.  One enticing website or scary email can cause even the most diligent employee to click.  One click is all it takes to let a cybercriminal in.

Think of getting in the car to head out.  All the beeps, lights and whirrs alert you to potential dangers on the road.  Your car may automatically slow itself down if you get too close to the car ahead of you.  Yet, accidents still happen.

The same is true with your computer.  Firewalls, anti-virus, website blocking, and even two-factor authentication are great tools  but they’re not 100% foolproof.  It’s up to each of us to be clever and do all we can to outwit the bad guys.

Misperceptions that Can Put Your Business at Risk

Most employees aren’t trying to wreak havoc.  But, they may not fully understand the risks because they:

  • don’t believe your business has any information that hackers want
  • think tech tools block all dangerous emails and websites
  • don’t understand the significant potential costs of a breach (including exposure of client and business information, a costly insurance claim, reputational damage, and legal action)
  • think they’re too busy to be diligent.

Understanding Human Vulnerabilities Will Improve Your Cybersecurity

Being secure online comes down to education and attitude.  Now that you know what you’re up against, you can take steps to correct it.  Here are a few tips for your team:

  • Be Suspicious of Attachments and Links in ALL Emails  Your default attitude should be “don’t click”.  Then, look for clues that the email is legitimate.
  • Don’t get Hooked by Phishing  Phishing emails may not ask you to click on anything, but they try to deceive you into giving up banking or other valuable information.
  • Beware of Pop-Ups Claiming to be from Microsoft  These will often scare you into thinking your computer has been compromised or needs updates.  Don’t call the number in the pop-up – call your IT provider.
  • Don’t Share Passwords and Use a Password Manager  Don’t write passwords down.
  • Stay Away from Public Wi-Fi.  If it’s open to you, it’s open to hackers, too.
  • Take Advantage of Cybersecurity Training.  Your IT provider may offer it at no charge.  It’s well worth your time.

Impress this upon your team – everyone who uses a computer that’s connected to the internet is at risk.  You’re not exaggerating.  Help them understand that tech tools are necessary and valuable, but not foolproof.

 Cybercriminals exploit human vulnerabilities for financial gain.  Ultimately, the cybersecurity of your business depends on the abilities of your team to outsmart them.


If you’d like to know more about how CRU Solutions can help keep your business safer, contact us.