The Human Factor in Cybersecurity

Posted by llort003 on

Name: Lindsey Lorton

Date: March 19, 2024

The Human Factor in Cybersecurity

Balancing the need for training and extra cybersecurity measures in the workplace.

The importance of workplace cybersecurity and training

            With the increasing spread of cybercrime, it is important that organizations invest in both employee training and cybersecurity measures. Since bad actors can come from cyberspace, or are working within an organization, efforts should be made to mitigate these risks. These measures can be implemented even on a limited budget. In 2023, the number of data breaches had increased 78% since 2022, with the US reporting 3205 breaches. The number of victims from the breaches were around 353,027,892 (Maundrill, 2024). The main culprit of the breaches was ransomware, while 729 were related to either system errors or human errors (Klawans, 2024). Many data breaches involve cloud-based data, making up 80% of 2023 data breaches. It’s believed that once cloud-storage became popular, some companies cut corners to quickly switch to the cloud, exposing data to breaches if the cloud configuration wasn’t done properly (Madnick, 2024).

Cybersecurity on a limited budget

            The increase of cybercrime means that companies must find ways to combat cybercrime, along with doing so on a limited budget. The risk from cybersecurity threats is too great, so it’s important that these measures be in place, even if budgets and resources are finite. First, establish what assets are critical to your company, such as financial information, customer data, and company hardware. Next, assess what could happen should a breach occur. Finally, assess current company cybersecurity measures and check for any vulnerabilities (Fortra, 2023). Performing these assessments can allow your company to implement cybersecurity measures that fit best with your budget and company size.

Make use of the NIST framework

Establishing resources and training for your company’s cybersecurity measures can be accomplished, even on a limited budget, and by modeling the US National Institute of Standards and Technology (NIST) framework. The NIST framework is a cybersecurity model that can operate based on the size and needs of your company. The basic concepts of the NIST framework include identify, protect, detect, respond, and recover (Odogwu, 2021). There are also four tiers for the implementation of the framework, allowing for better adaptation depending on budget and company size. The tiers range from partial, only being reactive to threats, to being adaptive, meaning your company has responded to past threats and fosters a healthy cybersecurity environment (Odogwu, 2021). These options provide the best chance for companies to protect data, while also ensuring their company can operate efficiently.

In conclusion

            With the increase of cyber threats and breaches, it’s crucial for companies to have appropriate cybersecurity measures in place. Causes of breaches include ransomware, as well as human and system errors. Companies working with a limited budget should evaluate the assets most important to their company, along with evaluating existing cybersecurity measures, and identifying improvements. The NIST framework can be used as a model for companies looking to implement cybersecurity systems, even for small companies and those with budget issues. The adaptability of the framework ensures that companies have the best chance of protecting data, while also operating in an efficient manner.

Works Cited

Fortra. (2023, May 8). Cybersecurity for Small Businesses: How To Protect Your Company on a Budget. Retrieved from Tripwire: https://www.tripwire.com/state-of-security/cybersecurity-small-businesses-how-protect-your-company-budget#:~:text=Best%20Practices%20for%20Cybersecurity%20on%20a%20Budget%201,part%20of%20good%20cybersecurity%20hygiene.%20…%20More%20items

Klawans, J. (2024, March 7). Data breaches increased in 2023 and with them, internet security concerns. Retrieved from msn.com: https://www.msn.com/en-us/money/other/data-breaches-increased-in-2023-and-with-them-internet-security-concerns/ar-BB1jttiB

Madnick, S. (2024, February 19). Why Data Breaches Spiked in 2023. Retrieved from Havard Business Review: https://hbr.org/2024/02/why-data-breaches-spiked-in-2023

Maundrill, B. (2024, January 25). Data Privacy Week: US Data Breaches Surge, 2023 Sees 78% Increase in Compromises. Retrieved from infosecurity-magazine: https://www.infosecurity-magazine.com/news/us-data-breaches-surge-2023/

Odogwu, C. (2021, September 7). What Is the NIST Cybersecurity Framework? Retrieved from makeuseof.com: https://www.makeuseof.com/nist-cybersecurity-framework/

 

Leave a Reply

Your email address will not be published. Required fields are marked *