Many people around the world have found themselves looking for new jobs after being targeted by cyber-attacks. A cyber-attack can be very costly for a business, but virtually anyone can be taken in by an online scam. Cyber-attacks can come in many forms, and these include phishing, ransomware and Business Email Compromise (BEC). These attacks are also becoming more and more sophisticated. This is why so many people have been fooled into becoming victims even if they thought they were too informed to be duped.
How cyber-attacks can affect employees?
Employees can be a business’ number one weakness when it comes to data protection. However, it’s not just the business that suffers when someone falls prey to a cyber-attack. The employee themselves can suffer disastrous consequences, including losing their job and livelihood. It may also take a long time for them to find another role with a different employer. Many employees are still losing their jobs after their company’s systems have been hacked.
How common are data breach dismissals?
In Britain, 39% of decision-makers have sacked employees who breached corporate security policy during the Covid-19 pandemic. These figures were released in a report by Centrify , an IAM specialist. Centrify surveyed 200 respondents to find out how the pandemic and the rise in remote working have affected cybersecurity. It’s not just executive levels that are being sacked following data breaches. Even CEOs have been sacked after falling for phishing attacks.
How cyber-attacks affect businesses?
Cyber-attacks can result in lost time, money and sensitive data. A cyber-attack can cause vast disruption within a business and harm the company’s reputation considerably. Ransomware can cause essential work data to be permanently lost. Once it’s clear that a cyber-attack has occurred, the first thing employers want to find out is who fell for it. A cyber-attack can be unleashed after just one click. In many cases, cyber-attacks affecting entire systems have got underway after one simple download of an infected attachment.
IT director sacked
In one high-profile story, Florida’s Lake City ended up handing over $460,000 in Bitcoin to cybercriminals. The cyberattack led to data being lost and the Director of IT losing his job, even though systems he had implemented enabled the council to resume work quickly.
What is Business Email Compromise?
Business Email Compromise is designed to target people in charge of big financial transactions within companies. In just five years, BEC crime has been cost businesses approximately £9.5 billion. Some cybercriminals have sent out emails that purport to be from people within the same organisation. These emails are often designed to convince personnel within the organisation to transfer money. Some employees have not only been sacked but sued for the lost funds too.
Has IT whistleblowing led to sackings?
Some individuals have been sacked after airing concerns about lax security. Mignon Hoffman, former information security at San Francisco State University spoke about the organisation’s below-par security and lost her job after a cyber-attack. Hoffman claimed she was sacked due to whistleblowing about the university’s security standards. However, some people have lost their jobs after failing to speak about poor security and attempting to cover up cyberattacks instead. Uber’s former Chief Security Officer Joe Sullivan and ex-security lawyer Craig Clark were sacked after trying to keep a cyber-attack secret, even offering the criminals a six-figure sum to delete data they had stolen. The breach affected 57 million Uber customers.
What is ‘whaling’ in cybercrime?
Cybercriminals have also impersonated company CEOs and presidents to obtain cash fraudulently. Former CEO of FACC Walter Stephan was fired after being tricked by a scam, in which other spoof accounts were created and almost 53 million euros was lost. This was an example of ‘whaling’, in which senior employees are targeted by emails purporting to be from other big players within an organisation.
Can I minimise the risk?
Although there is no 100% effective way to stop an employee from falling victim to a cyber-attack, there are steps that you can take to increase the likelihood of team members being taken in. Investing in security awareness training is one of the most effective ways to prevent a hacking attempt from being successful. The more your team know about the latest threats, the less likely they are to fall prey to them. Many employees have been left extremely frustrated after losing their jobs after failing to receive sufficient cybercrime training.
How security awareness training can help
When security awareness training is provided to people across your organisation, you can keep cybercrime at bay. During security awareness training, employees and bosses are informed about common and new threats that could put businesses at severe risk. Attendees will be told what phishing emails typically look like and be alerted to the very latest dangers to stay one step ahead of the cybercriminals. Security awareness training can also refresh employee knowledge of cybercrime and reacquaint with them important advice on choosing strong passwords and keeping them private.
The risks of data breach sackings
There are many risks attached to sacking staff after cyber-attacks. You may risk losing staff who have otherwise performed well for you and simply lacked the training they needed to avoid being taken in by cybercriminals. Dismissing quality staff after security breaches can also harm your reputation and cause talented potential employees to think twice about working for you. It can also damage workplace morale if the member of staff was popular amongst their colleagues.
Training can help you beat cybercrime
Providing quality security awareness training can help you prevent costly mistakes and enable you to retain talented staff who bring a lot to your organisation. Replacing staff sacked after data breaches can also be incredibly costly and time-consuming. The member of staff may even take legal action against you if they feel they have been unfairly dismissed.
To find out more about how security awareness training can benefit your business, get in touch today. We can provide an extra layer of protection against cybercrime.