Cybersecurity has become everyone\u2019s business, and it raises demand for\u00a0continuous updates of information for everybody, both high-level security professionals and common corporate users. And especially for the latter, since it is this group that\u00a0criminals attack most of the time.<\/p>\n
Pros and\u00a0cons<\/b><\/p>\n
Cybersecurity is supposed to be mainly a field of responsibility for dedicated professionals, and apparently this isn\u2019t going to change any time soon. It\u2019s hard to expect an accountant to have equal prowess in the area of cybersecurity as a\u00a0seasoned cyberforensics expert, who spent years worth of time\u00a0to become what he is.<\/p>\n
#Cybersecurity #education in enterprise: not only for security employees #enterprisesec<\/p>Tweet<\/a><\/blockquote>\n
It would be unfair, though, not to mention that today\u2019s common users often are capable of doing with their PCs (and handhelds) what they weren\u2019t expected to do ten or more years ago, and today\u2019s accountant may know a lot about computers, software and even have some additional specialty knowledge (such as setting up a wireless network at home or in a small office). Still, it won\u2019t make him capable of changing his career and\u00a0becoming an IT security professional. The difference in expertise is still vast: it\u2019s \u201cI know a thing or two\u201d vs. \u201cI have worked in the field for many years\u201d.<\/p>\n
At the same time, speaking of field of responsibility, by \u201cmainly\u201d we don\u2019t mean \u201cexclusively\u201d. In fact, it\u2019s not professionals those are targeted by the criminals and APT groups, rather, it\u2019s common users. They and their PCs, devices and the data they work with are essentially the new \u201cendpoints\u201d, and if we add a bit of bombast here, a battlefront of sorts.<\/p>\n
The battle rages on and on<\/b><\/p>\n
Indeed a battlefront, given the amount of new threats detected daily \u2013 325,000 new malware variants<\/a>, according to our recent stats. Whether the common corporate users are aware of these threats and whether they can ensure at least basic security of their data and devices, can affect overall business\u2019 security immensely.<\/p>\n
Cyberthreats are growing in number and sophistication, however, essential entry points remain the same: all kinds of phishing and other trickery to dupe clueless users into (most likely unwilling) \u201ccooperation\u201d such as running the malware or opening an\u00a0exploit-ridden Word document. How good the users are at countering this trickery depends exactly on their awareness. And the amount of new malware clearly indicates that the awareness on average really could use some improvement, otherwise there would be\u00a0much fewer\u00a0threats and cybercriminals would tell each other fewer \u201csuccess stories\u201d.<\/p>\n
Attackers are not geniuses<\/b><\/p>\n
It\u2019s worth mentioning, though, that, again on average, cybercrime today isn\u2019t too advanced<\/a> \u2013 it\u2019s quite accessible to mediocre minds. In fact, it is enough to know where to buy and download your next banking Trojan, and how to spread it out. Not much of a creative work. But still it doesn\u2019t decrease the menace; otherwise, with the cyberunderground becoming overcrowded, more advanced criminals have to come out with more and more competitive \u2013 and dangerous \u2013 crime tools.<\/p>\n