Technology Record - Issue 28: Spring 2023

82 VIEWPOINT How to avoid the consequences of a misinformed workforce THEO ZAFIRAKOS: FORTRA’S TERRANOVA SECURITY With increasingly frequent and aggressive cyberattacks, businesses must train their employees on security best practices and put preventative measures in place Businesses are beginning to see huge benefits from the growth of the digital economy. But, with the increased use of artificial intelligence and global-scale adoption of cloud technology, they are also falling victim to the surge in digital crime. Risk analysts McKinsey & Company found that organisations around the world spent around $150 billion on cybersecurity in 2021 and these numbers doubled in 2022 to $300 billion. Fast forward another year and cybersecurity is estimated to cost $8 trillion by the end of 2023, according to Cybersecurity Ventures. If we continue at this rate, firms will become bankrupt and threat agents will have the upper hand with access to sensitive data. Although these statistics are alarming, firms are becoming increasingly aware of their vulnerability to cyberattacks and looking for ways to prevent them. For example, the World Economic Forum’s Global Cybersecurity Outlook 2023 report reassuringly found that more than half of cyber leaders are meeting with their business leaders monthly to discuss cyber-focused topics. At Fortra’s Terranova Security, we aim to keep cybersecurity costs low for businesses by creating training programmes and phishing simulations to improve security awareness. We encourage our customers to train their users how to spot the most common attacks to reduce the chance of a cybersecurity breach. The term ‘cybersecurity’ covers a myriad of topics, so firms looking to improve their security awareness should focus on three important aspects that we embed into our training solutions. Teams need to be ready for sophisticated phishing attacks and social engineering schemes, which take advantage of the human risk factor prevalent in every organisation. These attacks will become more complex as threat actors use new technologies, such as AI, to evolve their attack scenarios and make fraudulent emails and messages appear more believable. Fortra’s phishing simulation tools help to educate employees so that they can spot manipulative emails and phishing scams. The better-informed teams are in handling sensitive data safely, the less likely they are to put that data at risk. “The better-informed teams are in handling sensitive data safely, the less likely they are to put that data at risk”