Intelligent CISO Issue 03 | Page 72

INSECURE BEHAVIOUR HITS PRODUCTIVITY FIRST

There’ s no doubt that cyberbreaches and attacks can have serious consequences. Brian Chappell, Senior Director, Enterprise and Solution Architecture, BeyondTrust says that along with plenty of technical solutions, the first and best line of defence is always the workforce.
Brian Chappell, Senior Director, Enterprise and Solution Architecture, BeyondTrust orget the common

F sense that goes into maintaining a high level of cyberhygiene, forget about how much money you’ ve already spent on security, forget about the cost of mitigating a data breach and forget about the ethical points of keeping private data private. Forget about the legal ones too, for that matter.

Just think about productivity and just how much lag your workplace could really afford if suddenly, your business was to grind to a halt.
Our annual Privileged Access Management survey, which surveyed nearly 500 IT professionals between May and June 2017, showed that the large majority, 66 %, suffer losses of productivity as a direct result of poor security practices.
Those productivity losses, our survey also found, caused organisations an average loss of US $ 4.2 million.
That wasn ' t the only outcome – 23 % of respondents mentioned harm to reputation as an impact and 21 % said they had been subject to legal or compliance penalties. A small amount said they had to deal with criminal prosecution too.
Still, this should come as a vindication of what security professionals have always known – that good cybersecurity practice does not hinder productivity. Ultimately, it enables it.
A whaling scam can send workers running up and down the office, looking to fulfil the demands of someone they believe to be their boss while an insider theft can prompt a lengthy, cumbersome security audit and a regular old network breach can switch staff priority to damage control instead of their normal duties.
But the best example is ransomware, the preeminent cyberthreat to individuals and businesses globally. Were an employee, or even your boss, to absent mindedly click on a phishing link, you may soon find yourself looking down the barrel end of an encrypted network, paralysed business and thousands, if
72 Issue 03 | www. intelligentciso. com