Poor password protocols leaving companies open to attack

As businesses mark World Password Day, there were new warnings over the need for companies to become more prescriptive with staff over the way in which they access work systems.

It comes as research found almost three quarters of UK employees are not changing their work log-in and email passwords enough, putting businesses at risk of cyber-attack.

The study by cyber security firm CSS Assure has revealed almost one third admitted to never changing their work passwords or only doing so when prompted, while 1 in 8 employees (12%) said they use the same passwords personally and professionally.

The firm is warning employers to protect their businesses against cyber-attacks due to the major financial, reputational and legal damage they can cause.

Mike Wills, director of strategy and policy at CSS Assure, said: “Cyber criminality is here to stay and is an increasing plague on society, causing untold damage, while fuelling and funding international crime and global terrorism.

“No business is immune from cyber-attacks and it is vital companies make themselves as hard to hack as possible. At a minimum, businesses should encourage and remind their employees to change their passwords at least once every three months as this will stop or prevent access to accounts if data has been breached.

“While this may seem like a faff, doing so is the single greatest defence a business can take towards protecting itself against a cyber-attack. Currently, there are millions of emails and passwords for sale on the dark web for miniscule amounts, waiting for cyber criminals to purchase.”

He added: “Using the same password across multiple accounts or both personally and professionally is a major weak link in a company’s security system. If one site is breached and an employee’s credentials are exposed, their risk is amplified exponentially if they use that same password elsewhere.”

The research found doing manual work (78%), as well as graduates (70%), directors and business owners (77%) are least likely to change their work passwords enough, highlighting the importance of education at all levels.

One in five directors and business owners (21%) admitted to reusing passwords across multiple accounts, while a quarter of senior managers (25%) said they write their passwords down in a notebook or on a mobile application.

Worryingly, despite infrequent password updates and reusing passwords across multiple sites, 74% of respondents claim to be cyber security aware.

Willis added: “Poor password management is a root cause for many data breaches. However, it’s important to remember that the habit can often be attributed to poor personal discipline, as opposed to malicious intent by your employees.

“Typically, people are unaware they are putting their company at risk, which can be shown by almost three quarters of those surveyed believing they are cyber security aware – even though they are making mistakes that can have dangerous consequences.

“Employers must create a hard to hack company culture that is trained on recognising threats and attacks. Begin by educating all levels of the workforce on why and how poor practices can lead to data breaches, as well as encourage them into good habits, including changing their passwords regularly – starting with today.”

The research found doing manual work (78%), as well as graduates (70%), directors and business owners (77%) are least likely to change their work passwords enough, highlighting the importance of education at all levels.

Follow us on twitter: @risksEmerging

An overseas friend asked what it was like living in the UK at the moment. I said it was like being on the Titanic and seeing the iceberg but realising no one was making any great effort to avoid colliding with it.

As an elder millennial who came of age when Google became a verb, I had difficulty grasping that ~40% of Gen Zers use TikTok for search.

So I hosted a mini-focus group with Gen Zers to learn more.

Here are 3 takeaways:

DevSecOps is not a security trend in and of itself but, rather, an aspect of the ongoing DevOps revolution that Tech Trends has chronicled in past issues.

@DeloitteInsight http://bit.ly/2XJC3SU rt @antgrasso #DevOps #DevSecOps #CyberSecurity

❗ 40% of #ransomware incidents last year involved the use of desktop sharing software, with 35% of incidents being via email.

via @AWNetworks

#infosec #CISO #cyberdefence #malware #hacking #databreach #cybersecurity #emailsecurity #zerotrust #security

#EdgeComputing Has Come a Long Way

#IoT #manufacturing #IIoT #IoTSecurity #IntelligentEdge #robotics #automation

SKILLOGIC® is a global leader in Certified Ethical Hacker Courses

#skillogic is offering ‘Certified Ethical Hacker Courses’

👉For more info: https://skillogic.com/ethical-hacking-certification-course/ceh/

#hacking #cybersecurity #ethicalhacking #hacker #hackers #ethicalhacker #technology #hack #coding #security

So, in your view, where could we go from here? What can we do to improve kids' mental health and privacy? #Privacy and #DataProtection should be in the forefront. Would love to hear your feedback on how to achieve this mission.

Load More...