The Biggest Hacking Risk? Your Employees

from readwrite

This January, a hacker broke into Ethereum Classic, one of the more popular cryptocurrencies, and began rewriting transaction histories. Until recently, blockchains were considered unhackable, but it’s clear that cybercriminals always find vulnerabilities.

Here’s the lesson: If a blockchain can be hacked, no one is immune to the threat of cybercrime. And businesses are frequently exposed in unexpected ways.

One of the easiest vectors for a cyberattack is employee negligence. Easily avoidable mistakes, such as using the same passwords at home and at work, put company data at risk. According to a report from information security company Shred-it, 47 percent of business leaders attribute data breaches to human error or lost documents or devices. Plus, plenty of data breaches originate from phishing attacks, which means that some employee at the company has to “open the door” to the hacker for the breach to occur.

Because data breaches can incur enormous costs and greatly harm your company’s reputation, it’s imperative to do all you can to prevent them or mitigate the effects if they occur. Often, it’s difficult to know how to discuss this important issue with your team. As you work to prevent employee-related cybercrime at your company, keep these three basic principles in mind to encourage cybersecurity best practices:

More here.

, , , ,

39 Responses to The Biggest Hacking Risk? Your Employees

  1. Josh Shupper March 25, 2019 at 7:58 pm #

    Hacking has become a huge problem for companies, employees, and really everybody in general in today’s society. Hackers always seem to find ways to get into your personal accounts where very important information like a social security number, a credit card number, phone number, address are stored. It is similar to many companies too. Companies have very important documents contained on a computer, and hackers always try to find a way to take advantage of who they hack and really screw them. For example, the article mentioned that Ethereum Classic, a cryptocurrency company was hacked by someone. That hacker decided to fiddle with the transaction history of the company, and let’s just say it did not go well. You think that you might be safe. However, there is one problem with the previous statement. No one is really safe. If a cryptocurrency can get hacked, I believe that anything can get hacked. That means that everyone is vulnerable to being hacked. I remember one time my dad had one of his cards hacked. There were transactions made on his card from Turkey. Honestly, he was not too pleased and it creates a lot of stress for anyone who has to suffer. My brother about a year or two ago had his instagram account hacked, and it created a lot of stress in my house. I fortunately have not had to go through this situation of being hacked. I know that this can happen to me at anytime, and I have to be careful with what I do in terms of keeping all of my important personal information safe. The same thing can happen to companies too. All of it starts with the workers within a company, and as specifically mentioned the human resources department. They are the last line of defense in terms of holding the information. They are the ones who has record of all of the employees in the company. I agree with the last point made in the article about shoring up the weak points. If I were a hacker, the point of where I would want to hack first is where a company or an individual is the most vulnerable. By cleaning up the weak spots, it won’t be as easy for a hacker to do what they do best. But knowing them, they always seem to find a way.

  2. Justin Rahl March 26, 2019 at 4:32 pm #

    As there are any advancements in a given field, there will always be good and bad consequences that come about. I find this article to be quite interesting and that it brings up very relative and useful points for any business looking to secure its data more than it currently is. The part in particular I enjoyed the most was the “ethical hacker” approach to seeing weak points in a company’s software protection. When reading this it make perfect sense to test how strong your protection is by having someone who is a trained professional show every crack that the average person would not be aware to check. They seem to be very similar in any consultants role in a company in my opinion. The consultant comes in, assesses what is going on, and shows what to improve upon that will help the company grow. Hacking will most likely never go away as we become more dependent on technology for essential and nonessential tasks, so it would be best to treat this like any other problem that is capable of being fixed.
    I agree wish Josh’s comment in saying anyone and everyone is capable of being hacked with the technology and skills that are available today. If something as elusive as cryptocurrency is capable of being affected, I would imagine there are plenty other pieces of information that are much easier to attain. It is within the best interest of everyone who is reliant on technology for their everyday life to do all they are capable of to protect the information they are carrying around them. This goes the same for companies as well such as medical practices, accounting firms, etc. With this information being public now I am sure that there will be a new state of the art protection software that will stop hackers for a noticeable amount of time, but it is inevitable that someone will develop a new method of hacking, which starts the cycle all over again. It is unfortunate that there is not a program that can end this cycle and I do not think they ever will be. As problems occur there are people that try to fix them which follows by people that create new problems.

  3. Domenico Cirielli March 27, 2019 at 2:48 pm #

    Technology in our world is moving at an unprecedented pace. One of the technological advancements that has been around a little more than a decade now is blockchain. Seemingly un-hackable, blockchain is a list of transactions, or records, maintained across devices linked through peer to peer networks. However, as the article notes, this January one of the most popular cryptocurrencies, Ethereum Classic, had its blockchain hacked and its transactions rewritten. This begs the question – who is safe? How can we, as individuals becoming more and more accustomed to a society filled with technology, ensure our digital safety? This article provides just the remedy to that.

    Suggesting the implementation of three simple steps and procedures, the article begins with discussing the importance of keeping tabs on employees. The article states that it should be the job of the Human Resource department in companies to ensure that employees understand the importance of cybersecurity and to provide education regarding it. In fact, 22% of cyber related crimes are inside jobs, whether intended or not. To combat this, the article calls for the implementation of a type of software that monitors employees’ sentiments and emotions. While I can see the benefit to this, this is also an invasion of privacy in my opinion. I understand that in the working world your employer should have access to your data and messages should an issue arise but keeping a constant tab on people and their emotions seems excessive to me. I do understand that the reason for this is to catch a potential issue before it blows up, but still it seems a little unethical.

    The other steps mentioned by the article include hacking one’s own system and patching up any weak points that do exist in a company network. I feel like the hacking of one’s own system is definitely the most productive way to test potential hacking scenarios, especially considering the fact that these “ethical hackers” who test these scenarios do so in large part by duping employees into scams like cyber criminals would attempt to do as well. At least in this aspect, the company is not invading the employees’ privacy, but instead monitoring their actions as it pertains to the cyber security of the company. Additionally, patching up weak points, especially those made vulnerable by employee activity, is also very important for an IT department of a company to do. The article importantly notes that these weak points often arise out of employee’s actions.

    With all of this in mind, I think going into the working world, especially those of us who might be responsible of the operations of a company in the future, it is essential to understand cybersecurity and the implications it has. However, this article has really opened by eyes to one of the biggest reasons cybersecurity may not be secure – negligent employees. I now understand how important it is to stress the significance of cybersecurity in a world moving forward with technology and likely not looking back.

  4. Claudia Ralph March 27, 2019 at 4:25 pm #

    When reading this article, it reminded me of our in-class discussion of data and privacy and how these two elements are increasingly important to keep a close eye on, especially on the internet and other servers that we use. That discussion definitely made me a little more aware of what my digital footprint is leaving, and that includes the workplace. Everything we do on the internet is aggregated into one place where a digital profile is made of us. It doesn’t avoid the fact that there are data breaches that are out of control of the general public. Things that we buy on the internet can be the cause of them. And even potential employers can leak information about employees.
    I was surprised to see that employers, those who are supposed to keep our information private, could be a potential outlet for our data to be stolen or parsed from. This can put employees continually at risk for certain kinds of breaches. The article made it clear that it is beyond important to be proactive and aware in these types of situations so that you and your information can be kept safe. It may take extra steps, but it may be worth it to not have your information compromised.
    I believe that it is also up to employers to protect their employees in these types of situations. If that means paying extra money to take extra precautions I believe that is what needs to be done. Employers owe their employees a certain sense of security with their sensitive information that is required to work at in the United States. With the amount of IT programs that there are in colleges and the incredibly smart people out there, the “ethical hackers” that companies could have should be advanced enough to see things like this coming and should be able to take these precautions or combat an ongoing situation if one arises.
    And this just isn’t a one-time thing, it is important that this monitoring is continually happening and kept up with. We must do our due-diligence to protect ourselves. Without this monitoring, breaches will continue to happen and diminish the credibility of certain companies.

  5. Doran Abdi March 28, 2019 at 9:14 am #

    I have always felt as if the majority of the people in the world are inherently and morally good, but there continues to be a small minority of people who are evil and immoral. The sad reality is that within our modern-day society, safety and security are measures that are taken against these evil and immoral people as we cannot only rely on the good people of the world. We will always lock our doors to our house. lock our doors to our cars, or another safety precaution that we find makes us feel secure against that small minority of bad people in the world. These same principles have been translated to apply towards technology as the fast development of technology has changed the way our lives function every day. This article addresses that idea but in the sense of how corporations and companies should be securing their data from everyone including their own employees who may turn on them. The article talks about various techniques including ethical hacking in which companies can ensure their safety and security from hackers; much like the idea of locking our doors, these same security measures should be taken within technological devices too.

    While I find that it is important for companies to do everything that they can to ensure their security from hackers, I think more should be done in investigating and stopping the hackers themselves. Technology is developing at a rate that our society cannot grasp or handle and it should be recognized that hackers will have more to win as technology furthers businesses and corporations. While it is very important for these companies to ensure their online security, I think society should recognize that our online presence is much more accessible than is presumed to be. As a conservation recently addressed in one of our classes, we identified how easily traceable and hackable all of our data—just in our own personal lives—really is. And while the average user who has very little to offer someone who can access our data will find themselves feeling safe from possible risks, it still is a precaution that should be taken as everyone should be entitled to their security. With having said that, companies and businesses should take larger precautions as they have much more to lose and this article presents a valid way in which they can ensure their security from the most irregular online threats.

  6. Lillie Moran March 28, 2019 at 2:18 pm #

    One of the most important parts of this article that caught my eye was that fact that since someone has hacked blockchains, then there is nothing to protect individuals from being hacked. So what does this mean for all individuals? No matter how many precautions we take, no matter how information we are on the subject of digital privacy, nothing will be able to protect us. In this article, it talks about how employees represent a large portion of hacking. Due to employee negligence, mistakes occur where employees may unconscionably hack into the system. In the article, it mentions that “47 percent of business leaders attribute data breaches to human error or lost documents or devices.” Because of this, employees (uninformed and unaware) are able to hack into very intricate systems that have been very heavily guarded. In order to do this, we as a society, have to take every imaginable precaution in order to protect ourselves and our businesses. During this past week in class, we had a discussion of how our society is changing and in order to become successful and compete, we need to take measures to protect our digital privacy. It may seem very complicated at first, but learning things as simple as different settings in Excel can boost your success rate than other people. But as we learn and improve our competitive nature, it comes with a price- we have to protect ourselves. This can be done in a number of ways. We need to start using social media sites that take our information without our knowledge (Facebook), we need to use a VPN to secure our network, you should not use the same password more than once, and we need to actually start reading the terms of use of every website and app that we sing up for.

    But if this article is any indication of where we are heading with hacking, then these precautionary measures aren’t enough. Because our society is constantly being disrupted by technology and innovation, we know simply staying “off the grid” isn’t enough if we want to survive, but we can’t overuse technology because then we are more vulnerable than ever. So, what do we do? One thing that needs to be addressed in order for all of society to benefit is that our government needs to make laws that protect individuals. We need more regulation within eCommerce and we need raise the bar when it comes to punishment for hacking. In order for this to happen, however, we need to start knowing what we are getting ourselves into. We have to be more aware and keep ourselves updated on digital privacy. We need to constantly update our technology and we need to constantly be aware of the threat of digital privacy.

  7. Diamond Vasquez March 28, 2019 at 5:03 pm #

    Ever since the discussion on technology in class, it truly made me think that I have to be more cautious of what information I put on any social media platform or on the Internet because a person never knows if, hoping that it does not happen, he or she will be hacked by someone. This article, written by Brad Anderson, gives some insight on how a cyberattack can ruin one’s business, elaborating on the importance of keeping oneself protected from hackers. As he describes, “Because data breaches can incur enormous costs and greatly harm your company’s reputation, it’s imperative to do all you can to prevent them or mitigate the effects if they occur.” “The Biggest Hacking Risk? Your Employees,” from Readwrite, gives three specific tips in which could help a person or business protect themselves from a cyberattack; these tips include the following: (1) Keep a finger on the pulse of your workplace, getting in contact with human resources because they “play a key role in raising employee cybersecurity awareness, as well as educating employees on safety measures,” as explained in the article; (2) Hack your system, continuously “run[ning] through all scenarios and test[ing] the newest methods of attack against your defenses,” this being known as penetration testing; and (3) Shore up your weak points, patching the holes in one’s security. By following these three tips, you will be ahead of the cybercriminal.

    At the very end of the article, Anderson stresses the following point: “Cybersecurity must be a top priority for any company that wants to remain competitive in the years ahead.” I completely agree with this statement because our own safety is important. We all want to make sure that no one can track us down, gain our personal information, and steal our identity. I believe that these tips, especially for businesses, it will guide us into maintain our protection from any cyberattacks to occur. In my future, I want to own my own business, and I know that utilizing technology to promote my business, including creating a website and social media accounts, is part of an entrepreneur, so I would have to make sure that my security is protected and kept safe. This article was definitely an insightful, interesting read; and I would recommend this article to other people for them to read.

  8. Stephanie F. March 28, 2019 at 9:09 pm #

    One of the biggest threats to businesses are cyber attacks, or also known as hacking. These criminals will try to destroy, alter, disable, or try to gain access to a businesses’ assets through various hacking methods. Most of the time, cyber attacks could be a result of human error, as mentioned in the article, it is important for every business to take precautions to avoid human error. Cyber attacks are a serious concern since most companies do not even know if they are in a position of being hacked until it happens. Before starting any business, there must be precautions to protect their assets and the assets of their customers.
    We can see the impact that a lack of security has had on some businesses over the years and why it is so important to take the extra step for security. For example, Sony PlayStation had one of the biggest cyber-attacks with 77 million people vulnerable for their information to be stolen. This information is not only inclusive to credit card information but also names, birth dates, addresses, and security questions. PlayStation has had one of the worst histories with cyber-attacks with a total of over dozens of attacks leaving millions of customers vulnerable. (https://www.huffingtonpost.com/2011/06/08/sony-hack-problems_n_873443.html)
    Even though PlayStation has doubled their security since their biggest cyber-attack in 2011, many users like me feel like there should be more precaution, since there seems to be no apparent security change for the users.
    On the other hand, a company that has taken their cyber-attacks very seriously is none other than Apple. Apple has implemented a two-step verification process for their users when logging into their iCloud accounts. Before this two-step verification, hacking into people’s iCloud accounts was very easy and common, especially for celebrities. The two-step verification requires users to enter the password or fingerprint and then follow-up with a verification code from a phone or laptop. This method has significantly reduced the likelihood of cyber attacks since there is too many factors for hackers to now consider. Not to mention the password requirements such as an uppercase letter and numbers within the password.
    Personally, I have seen this two-step verification process help me from getting hacked. I have received messages on my phone of people trying to hack my account in other countries and Apple gives you the option to acknowledge or decline the request for access. After getting this message the first time, I immediately changed my password and I have not had any potential attacks since then. Bank applications such as TD bank have also implemented this method. I feel like at this point if banking websites or applications do not have a strong verification method, then they are allowing cyber attacks to take place and the loss of millions of dollars are on their hands.
    My recommendations to companies such as Sony and other vulnerable businesses is to implement this two-step verification. Customers might not like the idea of wasting more time to when putting in their passwords, but it is the companies’ responsibility to inform their customers why they are going about with this change, for their own protection.

  9. Brandon S. March 29, 2019 at 9:50 am #

    Hacking has become such a major threat in today’s world and there are news stories every day about new hacker attacks. When you think about it, it makes sense that hacker attacks are happening so frequently because of all the vulnerabilities in the systems we use today. Even systems that were previously thought of as being unhackable, like a cryptocurrency blockchain, can be hacked into. Businesses and consumers alike are exposed to hundreds of vulnerabilities every day, and even the most mundane systems can be vulnerable to attacks. There was a story I heard where a casino had a fish tank with an automatic fish feeder that was connected to their wifi network, and the entire casino system was hacked through the fish feeder, which goes to show that a hacker can use just about anything to access a system. In the article, it is mentioned that employees are the biggest risk with regards to security because of how easily mistakes can be made and 47% of data breaches are from human error. These errors could be as simple as using the same password at work as at home, or something more serious like a phishing scam which is when an employe essentially opens a “backdoor” into a company’s system by opening a link or file from a fake source. Phishing scams are hard for employees to notice however, since they are designed to look genuine and could easily be mistaken as being real. I have experience with phising where I work, and they run phishing tests a few times a year where corporate will send out a fake email that looks genuine, but is in reality, fake. The test is useful for my company because anyone who clicks on the link in the email is required to do a short informational lesson online to learn more about phishing and what signs to look out for to avoid it in the future. I do not know how popular tests like this are, but I think more companies should be training their employees similarly as it is an easy and quick way to limit scams and hacker breaches. The article also mentions that a good way to minimize hacking is to hack your own system as means of learning where the vulnerabilities are. This is a very popular method that I have heard a lot about and even some big companies like Tesla take part in. There are a number of hacker events every year where hundreds of hackers assemble and try to breach data and security systems and are rewarded if they find any vulnerabilities. At a recent hacker event, Tesla offered up a free car if anyone could hack the car’s central computer so the rewards for these hacker events can be quite high, and shows how seriously some companies are taking cyber security. Hacking will only continue to get worse, so companies need to be mindful of their systems and educate not only their employees but anyone who uses their systems about the potential vulnerabilities and what they can do to minimize security breaches.

  10. Kyle Stephens March 29, 2019 at 10:47 am #

    Cyber crime is one of the biggest threats that we will all have in our future lives. With everything becoming more and more digitalized, we will see an increasing amount of risk associated with it. These risks come from hackers who will hack your system for any information that they desire. Although it is clearly a bad thing to get hacked, there are a few positive takeaways from this. For one, it should make us all more cautious on the internet. The imminent threat of a hack will scare people away from putting sensitive information out on the web, which will be better for personal security. Next, this will create a huge number of jobs. These jobs will come in two forms, cyber security and employed hacker (for lack of a better term). Cyber security jobs already exist but they will soon be thrust into the spotlight. We will likely see a bigger push from the government on cybersecurity, likely improving their own cyber security division drastically. The other job is an employed hacker. These hackers will be in charge of running the “penetration test.” They will have to learn and master different hacking methods and then test them on their own networks. This will allow companies to adjust their security to become impenetrable. These new jobs will be a nice replacement for jobs that are being lost right now to automation.
    Along with the good is obviously the bad. The bad part of all this is the amount of human error that workers make. Employees are the biggest liability to a company. The amount of things that an employee could do to damage a company is scary. These can be intentional or unintentional, which in my opinion makes it even scarier. Because of this, I believe there will be an even more increased importance on management. And, I wouldn’t be surprised to see new jobs as “cyber managers” begin to appear. In these positions, the cyber manager would be in charge of everything that employees online. They will monitor transactions and changes made to the system to correct errors and control any employees that could be a threat. Essentially making them a talented fact checker. Overall, cyber security is a serious threat that companies and employees should be more cautious of.

  11. Jada F March 29, 2019 at 12:28 pm #

    After I graduate, my focus will be in cyber security so this was a great article for me to read. Every company that uses some form of technology (which is most in today’s world) is at risk of being hack and having valuable data compromised. Cyber security is something that is needed to try to prevent this from occurring. Cyber attacks are very costly for companies and can ruin the reputation because customers may think that they are less reliable. Imagine being a customer at a bank. Bank accounts hold a lot of personal information about their customers so it is very important that this information is protected. In the event of a data breach, many customers would be less likely to trust that bank with their information and may think that they are lacking security. In this article, was surprised to read that a large percentage of cyber attacks happen because of employee negligence. If employees have an easy password or use the same password at work that they use for things at home. Employees should be required have a different, hard to guess password at work to prevent data breaches. This article that I read had great tips on how employees should protect their data at work. https://www.techrepublic.com/article/5-data-protection-policies-your-employees-must-know-in-the-post-gdpr-era/. One tip that I think is helpful is to change your password often. The system that one of my previous jobs used, required that we change our password every few months or we would be locked out. This was most likely for data protection. Another tip that was helpful was to encrypt sensitive data. This means putting the data into some type of code that will be a lot harder for a hacker to decipher if there is a cyber attack. Lastly, cyber attacks can be disguised as something else, for example, an email. The email may look legitimate to get people to open it, however a virus or spam could be hiding inside. This is why it is important for employees to have some type of virus and spam detector for their emails. I agree with this article that is very important to hack your own system and find faults in it to know what needs to be worked on. Above all, I think it is very important for HR to educate the employees and make sure that they understand how much risk companies are at when it comes to cyber attacks and make sure they are aware of what can be done on their end to prevent them.

  12. Edward S March 29, 2019 at 2:13 pm #

    Although Brad Anderson offers sentiment-monitoring software tools as a solution to identifying people likely to commit some type of security breach, managers will be challenged to determine how much emphasis they wish to put in such software. While intermittent monitoring of employee sentiment in the form of long form expressive employee opinions and data analysis may confer benefits of helping management determine company sentiment and morale, the software itself would begin to invoke principles of George Orwell’s 1984, albeit in the private industry.
    Steve Durbin who is a Director at Information Security Forum comments briefly on the threats posed by businesses today noting that technology has caused a changing social landscape. Information is more easily accessible and transferrable between parties presently and these present good opportunities for malware to spread. The availability of technology and multiplication of private devices capable of joining company networks represents a substantial cybersecurity threat. In addition because employees are comparatively much more nomadic and less likely to remain with a given employer for extended periods of time, this might create a problem in which employees emphasize their own morality instead of the principles and guidelines of the company, creating additional opportunities for internal threats, whether intentional or unintentional. (https://digitalguardian.com/blog/insider-outsider-data-security-threats).
    An article by CRN also lists some of the top ways of preventing internal security threats. These include database monitoring that is capable of detecting suspicious activity. Another technology called whitelisting can also protect against security threats. This is software that essentially only approves certain types of code to run on computer systems. So for example only certain programs would be authorized to run. Also included is data loss prevention, which is capable of addressing some of the issues of remote access of data by employees. Data loss prevention software can encrypt information that is sent out of the company’s network. It can also alert companies to possible breaches of intellectual property and trade secrets. (https://www.crn.com/slide-shows/security/240164945/top-5-technologies-that-detect-insider-threats.htm/6)

  13. Edward Holzel March 29, 2019 at 2:16 pm #

    Hacking is currently one of the biggest fears of many Americans in the world today. People live in fear that their credit card information along with any other personal information. With technology evolving, hacking evolves as well. People can walk by someone and get all the information needed to access personal accounts and credit card information. Competitive companies in the world may approach of hacking competitors to ensure a profit. The best way for these companies to hack is to pay an employee to help in the hacking. Overall, the hacking front of America is advancing, and companies need to prepare for that front.
    The article talks about hacking your own system. The idea of hacking your own system is perfect or higher a group to hack it. Hacking your own system is ingenious. The system gets the test of being hacked without the risk of losing information. Companies will be able to identify failing issues in network security and be better prepared for hacks from competitors. With several ethical hacks every year will ensure the companies network is secure, companies can rest knowing their system will not be hacked.
    Lastly, the article also discusses having a pulse on the workforce of your company. Companies need to understand how the workforce feels about the company. If a workforce feels under-compensated or harassed, then someone will be willing to sell out to another company. Having workers that are not loyal to your company opens a whole can of worms. Not only does the company become vulnerable to hackers, but also vulnerable to a lower work ethic and production of the company. Overall, the company needs to maintain a keen eye on its workers to ensure that they are happy. If the workers are happy then the firm will not have to worry about getting hacked and losing high amounts of profit.

  14. Trovonta Burgess March 29, 2019 at 2:34 pm #

    In this digital era that we live in runs the risk of getting out information hacked by cybercriminals and internet trolls seeking private information. Many companies have a firewall to prevent hacking in place but sometimes it’s not the device that has caused an issue. In this article, it spoke on how human error frequently exposes unexpected things on the web, which makes it possible for cyber attacks to even occur. Employee negligence is one of the easiest ways to avoid being hacked. Simply having a training for all employees could provide them with the necessary information to lessen the possibility of information being exposed. Something that we are all guilty of is using the same password for multiple things. It is important that employees remain educated and aware of the risk associated with cybersecurity and the detrimental impact it could have on the company. Although it was surprising the hear that a small portion of hacking is done internally or inside jobs carried out. Which requires HR to watch for these suspicious activities of undercover information probing.
    A lot of procedural steps can be taken by a company as well to ensure they are well protected on the web by conduction test to find the weak spots and make them stronger before a hacker has the opportunity to access valuable information. This makes it somewhat easy as many new methods have been discovered on how to check the strength and hackability of your resources used. Just as in any other situation its good to always be steps ahead of everyone else. By continually performing certain steps it can ensure a safe cyber-secure environment for all devices. It is easier to manage these types of things for small companies but for bigger company’s it can become a really extensive process of developing what’s needed. Because on a larger scale of things it requires an IT department to install and work with the employees.
    Trust is a really challenging sector in business because you never quite know exactly how a person works and the intentions, they have of working within a company as such.

  15. Kevin Metz March 29, 2019 at 2:39 pm #

    Cyber security, as our world evolves into this new generation of technology, is becoming a crucial part of all businesses and their safety. As technology has become more and more involved in our everyday lives it has also found its way inside the workplace as a substantial asset. This being said, it has also become one of the easiest points of entry for criminals attempting to sabotage a company. This article has opened up my eyes to problems that businesses have to deal with and defend from everyday. The most shocking parts I found in this article were that 22% of cyber attacks on companies are inside jobs, and also that a strategy to attack them is through the employees and the electronic devices within the company. I believe the hardest attack to stop and defend against are the inside jobs. A company is forced to put trust into employees in order to get tasks accomplished at a productive rate. It is impossible to know if one of your most trusted employees is one day going to turn on you and break your system with the access they have, and potentially ruin your companies reputation or empty their bank account. The article mentions human resources being a way to prevent such attacks by looking out for weird behavior amongst the employees, which truly is a garbage tactic. I can confidently say that a criminal risking jail time, with the skills to hack into a company effectively, will not be acting so suspicious to the point where someone in human resources is going to be able to say that they are planning an attack. The other points of entry from criminals who are not associated with the company are more easily protected as the article has given some very good advice and solutions to prevent these attacks. I agree the firewall and protected printing is a great idea because as I stated before and the article greatly emphasized, technology is becoming more and more crucial to our everyday lives and for businesses around the world, so protecting it is just as important as advancing it.

  16. Cameron Kharazmi March 29, 2019 at 3:54 pm #

    I remember watching an episode of the hit TV show “Mr. Robot” in which the company of the protagonist Elliot was hacked from within, sending the company in a downward spiral and effectively putting it out of business. That hack came from an employee playing a CD given to him from an innocent looking bootlegger on the streets who wanted to promote his “rap album”, which was my first introduction into how employee negligence can severely hurt a company, especially one reliant on their cyber-security. This is a fictional story, but falls in line with Brad Anderson’s article, as he makes several points as to how a company can strategize ways to minimize employee error and better secure their cybersecurity practices. Having employees constantly change their company passwords and telling them to keep their devices protected is a common practice, but what I found interesting in the article was the mention of using Artificial Intelligence to seek out negative emotions or low engagement in order to make sure that employees are not hacking the company from within. The person with the best knowledge of a company’s cyber structure would be one working for the company, so harvesting data and using AI to analyze trends associated with discontent and disengagement is a new and innovative way of monitoring employee contentment without the annoying overhead of the human resources department. Using other strategies such as hacking your own system to expose flaws and making to use firewalls to shore up those flaws are also great strategies, but I believe as the internet expands to many different devices, hackers will find many ways to subvert these practices and try to harm the company. This issue directly impacts employees, as their home appliances in the future will have internet access, opening more routes for hackers to get to a company and penetrate its system. I believe that cybersecurity is a responsive practice, and no form of cybersecurity is impenetrable by anything. By encouraging employees to monitor and place company-sponsored firewalls on their system, utilizing cybersecurity firms, and responding to new technological advances, company’s can create proactive responses to an ever-changing war with cyber-criminals.

  17. Daibelis Acevedo March 29, 2019 at 5:22 pm #

    This article written by Brad Anderson made me think of my personal workspace and the other employees I work with. It’s kind of scary to think that anyone could hack into a blockchain which has a lot more protection than us as individuals. Our world is turning into a fully digital functioning world, slowly, day by day and we can all see it firsthand. One of the most important things about technology and what we do on the internet is that it’s actually pretty hard to do anything incognito. In order for all your steps to not be easily traced back to you, the individual must do some thinking and research first. At this point in time, a lot of people do not recognize this or understand how important it is. This brings me back to the class we had when Professor Shannon basically blew all of our minds in regard to technology and what we need to do differently. A VPN is something not everyone knows about or even has any idea that it exists. This is important to understand because people just go about their regular lives and do not realize the information they are giving out. Thinking about this all-in regard to a business is a bit difference. I guess, from my point of view I always thought a business would have so much protection to the point they would never be hacked, especially not by their own employees. Out of the three tips given in this article, the one that I found most interesting would be number two. “Hack your system” is an interesting way to really prevent issues like your own employees getting into the database. This is a good strategy because as the article says, you are really “assessing your vulnerability.” A company or business may not even think of the things that make them vulnerable such as old documents, old information, archives they never really got rid of, all of this comes into play when an employee or anyone else is hacking. If a business took action like hacking their own system and viewing everything from the opposite end, this will help their business greatly. When reading this article, it was the first time I have ever heard the term “good ethical hacking.” I am glad that I got exposed to this topic and ideas as such because these are all important components that any business person should know. In fact, not just a business person but anyone because protection over one’s system or phone is equally as sensitive. Brad Anderson explains these important points of cyber security within a work force and it’s a very well explained article and I did enjoy how it was easy to understand what he was talking about and referring to.

  18. Andrew Kenny March 29, 2019 at 5:37 pm #

    With all of the benefits that come with digitization, there is also negatives. Hacking is by far one of the most threatening of the negatives. This article talks about how hacking can come from within, especially when there may be unrest between management and the employees. Hacking would be an effective way of getting back at the company if an employee felt that they were not being treated fairly. I know now, after multiple class discussion, how vulnerable we really can be. In fact, my old high school was not very hack proof at all. One of the students, who happened to be a friend of mine, hacked the school software and had access to all students’ and teachers’ information. He also has access to tests and future assignments. After a few months he was finally caught, and actually landed a job in cyber-security because he was not charged with a crime since he was a minor. The fact that the school had our information so weakly protected just emphasizes the constant emphasis on the protection of our data online.
    I really agree with the section on trying to hack your own system to find its flaws. Detecting weak points and correcting them will at least slow down a hacker or discourage him from pursuing the act. All companies must emphasize cyber protection to remain competitive because hacking is inevitable. I would not put it past competitors to attempt to hack their rival company to gain an advantage nowadays. I have become extremely aware of how vulnerable I am to being exploited by data mining. Taking precautions that I never thought would be necessary are now vital to my information being protected. Being technologically aware in this era is not just a recommendation, it is a need. People who are too stubborn to make changes are just putting themselves at risk. Everyday home items now have the ability to monitor our speech and movement, and many people are not even aware that they are basically being recorded step for step and word by word. Companies aside, the everyday person also needs to be wary of how dangerous hacking can be.

  19. Jon Sozer March 29, 2019 at 6:42 pm #

    This article interested me, because reading it introduced me to ideas that I have yet to see elsewhere. To date, I had never seen the idea of hiring others to intentionally hack your own information. The idea of hacking is scary, with hackers predominantly shown as villains in popular media. Of course, some shows, like Leverage or Mr. Robot showcase hackers as helpers, in more of a vigilante sense. Truthfully, I had never thought about the same in real life. Would I be brave enough to invite such a challenge, to pay someone intentionally to try to access my information and bypass my privacy? Even after reading the article, I don’t think I would.

    But, the points brought up have merit. The idea of hacking yourself is an activity in foresight and awareness. As we have heard from Professor Shannon on multiple occasions, none of our information is truly safe. Finding out which weaknesses are the most exploitable, and working to remedying the situation and fortifying where we can would all work wonders on prolonging the shelf life of our personal data. Keeping better tabs on employees would also prove fruitful, as I am myself guilty of sharing passwords for different accounts. I have about a half dozen that I cycle through, but I am quickly learning that I need to be much more cautious and responsible with my accounts.

    Also, with the article, I have learned about “firewall-as-a-system”. This helped to bring to light how personal devices are just as – if not more – vulnerable than workplace devices in a workplace. I have friends that are currently studying cybersecurity at their respective schools, and I hadn’t understood the gravity of the work they were studying. They could possibly be studying in one of the most important fields in the near future. I need to keep a better eye on my technology and I need to become more responsible for my sake and for my future career.

  20. David Torres March 29, 2019 at 8:14 pm #

    There is no doubt that business owners set high standards for their interviewees when hiring new employees. If employers follow just this one rule, they are destined for success. The rule is that employers should look to hire people with the same mindset as themselves, the mindset of an entrepreneur. Your employees will not only work for a paycheck at the end of every pay period, but for the name that they represent, and the passion for growing and achieving new heights as a company. However, in the article “The Biggest Hacking Risk? Your Employees” reminds people that no matter how efficient you may think an employee is, you always run the risk of him turning his back and seeking for ways to get ahead, but in a way that is either illegal or a way that will hurt the firm/company. In many cases, it involves hackers. Whether it be stealing credit card information and selling it on the dark web or even releasing insider trading information of another company, there is always a way for employees to screw you over as a business owner. A well-known institution, Wells Fargo has been known for creating fake bank accounts. Even the most successful and famous companies around the world have committed something illegal that has to lead them to lawsuits and fines. Most of these hackers at an employer’s firm/company have a lot of activity on the dark web, where they look to make a profit from their abilities. The amount of expertise needed to perform the acts of hackers nowadays in immense. They know how to surf the web anonymously and by hiding their IP address and changing their IP address by the second. It is nearly impossible to catch these individuals because of their deadly talent and abilities. It is scary to think that yours or even my bank account information is being listed on the dark web for less than a dollar worth of Bitcoin. We need to become aware that things like this actually happen all the time, and more often than we think.

  21. Daniel McNulty March 29, 2019 at 8:35 pm #

    As we move forward and advance as a society, there will always be positives as well as drawback in which we must handle. Personally, as someone who is interested in one day owning a business, this article was very intriguing. It brings up very practical and important points for any business that is looking to secure its data more than it currently is. My main focus in this article was the “ethical hacker” approach to points in a certain company’s security software weak points are pointed out. While going through this article, I understood that it would be extremely practical to test how strong your company’s protection and how it can be improved. By having someone who is a trained professional examine your software and delve into every crack that the average person would not be aware to check is extremely imperative when trying to improve security. One thing that is important to mention from the consultant perspective, is that the work they do is universal and can be done on most companies. The main job of the consultant is to come in and be able to recognize and asses how things are operating and be able to name several ways in which things can be improved which in turn, will allow that company to perform more efficiently and grow accordingly. Something that everyone must live with, is that hacking will always persist due to the growth in technology and how quickly it is expanding, which is why it is so imperative for companies to maintain a high level of network security. Hacking is indeed a problem, but is definitely one that can be resolved, and if went about the correct way, will save your company time and stress at the least. The main point is that nobody is safe from being hacked with the level of technology that is currently accessible, so being aware of this is something that is very important.

  22. Horace Bryce Jr March 29, 2019 at 8:43 pm #

    With the statistic that many tech companies will expand as much as 3000 percent in the near future, I can see how cyber security is starting to become a top priority for any company looking to stand strong. When I seen the title of this article I thought “wow, my co worker really might be a company spy.” This is not far from the truth but it is not the whole truth. The title “The Biggest Hacking Risk? Your Employees” is basically saying that employees are the major threat to company cyber security. This is simply because they tend to be very negligent and naive of cyber security. The article points out that getting hacked could be a result of an employee using the same password or even phishing attacks. I actually was not aware of the fact that one of the biggest currencies in the world “Ethereum” was hacked. As a person who owes cypto such as Ripple I am afriad that someone will find a way to hack this previously thought “unhackable” blockchain. It also makes me question if I am doing everything in my power to protect my own data. I have come to the conclusion that I am not. I use the same password for virtually everything, not only that but I was completely oblivious to the importance of cyber security before reading this article. It would be in my best interest to change diversify my passwords and learn more about what I can do to secure my information. It is said that 47 percent of business leader believe that data breaches are a result to human error. From a company standpoint all they really have to do in order to improve their cyber security is formally educate their workers on not doing things such as using the same password at work and home or “opening the door” for a hacker. About 76 percent of data breaches are financially motivated according to data by Verizon. Business are in the business of making money so hackers are destined to try and attack their security. After reading this article I am seriously thinking about switching my major to IT because with the rise of tech use in companies it is evident that the job market for cyber security will increase ten fold. The future will be run with and by technology, those who can not keep up will be vulnerable in the face of it making them easy to exploit.

  23. Rachel Leto March 29, 2019 at 8:45 pm #

    Hacking has always been a problem, ever since computers were created. However, today it is much more advanced than just trying to guess a password. Most companies have the mentality that they have the best of the best systems and no one could ever hack them. They are very wrong. Everyone is hackable; it comes down to how easily your important documents can be hacked. The article mentioned that the companies employees are the weakest link and make it easy for hackers to get into the system, for example, having the same passwords for work and home. If your employees Instagram password is the same as their work website login password, then there is a big issue. Even if your employees are all very educated about cybercrime, remind them again. It is always good to know that your employees know all of the right steps to take ot prevent your company from getting hacked.
    Something the article suggested that I found to be one of the best things someone can do in this situation is to hack yourself. Hiring a professional certified hacker to come into the office once and a while and just see how easy it for you to be hacked is a smart decision. Professor Shannon mentioned that everyone is able to be hacked, but if you make it long and hard for the hacker to get passed all of the firewalls you put up, the chances that they give up for the time being is very great. It was, also, shocking to read that printers are one of the easiest systems to hack. No one thinks about the fact that confidential documents have to go through another system that is not well protected, to be printed. More and more offices make their employee have a code or use their employee ID to access the printer. No one is “not hackable” and hackers do no give up, but companies can make it harder for them to get through the weak points that they may have.

  24. Divyaa Sarin March 29, 2019 at 8:52 pm #

    As technology is advancing, so are the risks. Hacking has become a main concern for many companies. So, what exactly is hacking? Hacking is “identifying weakness in computer systems or networks to exploit its weaknesses to gain access.” https://www.guru99.com/what-is-hacking-an-introduction.html In other words, someone purposely gains access of information from computer systems in order to maliciously benefit themselves or corrupt others. This a huge ethical concern for higher branch companies because they tend to keep all their information stored on these devices. I think this can be very dangerous, considering the important information that is stored on computers, a company can face many difficulties if a hacker gains access. What is even more surprising is if an employee, who a company entrusts, would go behind their backs to exploit them.

    As mentioned in this article, 47 percent of businesses have been hacked by their employees. Instilling too much trust especially in employees can lead to brutal consequences. It is important to have total control over information in large companies Often times people hack for monetary purposes, so it is important for companies to have very secure systems of their expenses. There are many types of cybercrime like computer fraud, privacy violation, ATM fraud, electronic money laundering and etc. These are all illegal activities that are done by taking advantage over computer systems. Today, anyone has access to a computer and can easily learn how to hack a system. It seems that technology does benefit us, but even in the worst ways! It is very important to secure computer’s data systems so these events can never occur!

    Personally, I think all companies should ethically hack themselves to find any glitches or methods to prevent others from hacking into their systems. This is surprisingly legal! However, according to the International Council of E-Commerce Consultants (EC-Council), there are rules that companies have to abide if they chose the ethical hacking approach. It makes sense to do these checks frequently in order to build strength of cybersecurity. It might seem time-consuming but it saves trouble in the future!

  25. Melissa Caniz March 29, 2019 at 9:07 pm #

    Hacking has always been a controversial topic; many people hack either to do evil or to prevent catastrophe from happening. Now, what I mean by this is that many times a company will try to hack their system to stop other hackers from doing so and thus preparing for the future. A very well coordinated company is one who thinks ahead of the problem before the problem occurs if a company wants to last a long time in the market, it needs to figure out all its vulgarness and modify it, so it doesn’t allow hackers to hack the companies privacy that easily. Now, of course, a company must also look out for every detail that opens the door for a hacker, a company can be hacked merely from accessing an employees phone or hacking into the printers, these are just simple opportunities that are given to the hacker as a gift. Hackers will find one way or another to hack into the companies system if they want to, I mean even black chains who were considered unhackable just got hacked. This incident only proves the limits that these cyber hackers have, which is none they will continue to find new ways to hack any system at any time and will not stop. Running a very successful business grabs the attention of many hackers to want to prove themselves a point of invincibleness, there is even competition to be known as the best hacker alive as if that’s something to be proud. Now you need hackers to be on the other side of the table and are doing good like working with the FBI, CIA or a personal group for companies security and privacy, these type of hackers try to prevent any wrong from occurring before it happens. For example, Penelope from criminal minds was a hacker who broke into government sites and other websites without a problem and was offered a job at the FBI to help them with criminal cases and work behind the scenes. Some people put to use their skills for the better good than to cause harm. Not every hacker is to be associated with a bad reputation, the few that turn to help the ‘right” side are the ones who should feel proud of being hackers and developing such a skill that is very helpful around the world.

  26. Rayzan Alarashi April 1, 2019 at 10:09 pm #

    As technology continues to advance in the greatest ways we’ve seen yet, so does cyber crime. Running into a store with a gun and mask is no longer the only way to steal assets from a business. Instead, cyber criminals can hack into a company in numerous of ways and steal whatever they desire or deem valuable. Hackers can do this from basically anywhere in the world leaving it difficult for law enforcement to track them down and punish them for their crimes. A hacker’s intentions may not always be to steal assets but are sometimes motivated to simply cause an inconvenience to a corporation or hack in order to attract attention to themselves if they are part of a larger group. In this day and age, no one is immune to being hacked no matter the amount security they may have set up against hackers. Even large corporations like Yahoo, Target, Sony, and Microsoft have been hacked in the past. In these instances, the hacker’s main intentions were to release confidential information of users to the public. The topic of online privacy seems to have become a large issue on a global scale but based on the ways we continue to develop technology I don’t anticipate it becoming any better. No matter what the intention of a hacker is, it’s safe to say that no one enjoys being hacked at all. In order to prevent this, one can take several precautions as highlighted in Brad Anderson’s article, The Biggest Hacking Risk? Your Employees. Anderson brings up a great point noting one threat that what most would overlook when setting up cyber security, their own employees. It very true that a company’s employees can potentially be the greatest risk for being hacked, especially since they usually know the ins and outs of a company that any ordinary individual wouldn’t. Even if an employee doesn’t have any personal intentions of hacking a company, they can make it very easy for others to do so, with or without out even knowing it. Some great steps one can take to prevent themselves from being hacked are, not using the same password for everything, implementing some form of cyber security, and even as Anderson suggested, try hacking your own system. By hacking your own system, you are placing yourself in the shoes of a potential hacker and discovering the ways in which your company is vulnerable so that you can take the necessary steps to patch those weaknesses. At the end of the day, no one can prevent being hacked entirely, but by taking these steps one can make it less likely that they themselves will be the victim of hackers.

  27. Matt April 3, 2019 at 1:32 pm #

    I found this article very interesting. Hacking is becoming a major threat to multiple nations. Hackers have the ability to cause catastrophic damages to any business. Even Cryptocurrencies are being hacked for millions of dollars. Businesses need to take precautionary steps to help prevent the hackers from obtaining valuable information.
    Primarily, a business must always be watchful of their employees. Employees know how the databases work. This can allow employees to have an edge when trying to hack the company they work for. Managers must be aware of what an employee is capable of. Also, managers must make sure employees passwords cannot be easily guessed. Hackers will look for easy access, and sometimes an employee’s password is all they need.
    Furthermore, a business must run multiple test to check their software against hacking. During my internship at a software company, I noticed the system running test for hacking on an hourly basis. The company was consistently trying to find flaws that hackers may try to exploit. A company needs to constantly check their protection because hackers are very innovative.
    Lastly, a company must focus on their strengths and weaknesses. Hackers will always try to find loop holes. Also, hackers will consistently be trying to change their hacking method. They will use multiple “smoke screens” to try to draw attention away from them. Businesses need to patch up any technology weakness. Even the hacking of a printer can cause a major disruption in a work environment. I think it would be a good idea to give employees company cell phones. These devices would only be used during business hours. This could prevent hackers from obtaining confidential emails. Also, by having company cell phones messages can be easily traced. Computers/ laptops must be constantly tested for bugs/ viruses. I believe non work related websites should be blocked by businesses. This will limit the risk of a virus attack happening.
    All in all, hacking is becoming an epidemic. Businesses are constantly losing profit because of hackers. Hacking is never going to stop, and technology is going to continue to become more advanced. Businesses need to take precautions to protect themselves, employees, and its reputation. However, hackers enjoy what they do. They will always challenge themselves to hack into the most secure servers. Even Sony, and Microsoft have been hacked. The government needs to crack down on hackers, and apply strict penalties against hacking.

  28. Madyson Y. April 3, 2019 at 9:24 pm #

    According to this article by Brad Anderson, employees hold the biggest risk when it comes to hacking information. Employees may not be actively trying to hack into private company documents, however, it is their negligence that causes the issues. One of the biggest negligence’s is using the same password for every login at work and at home. The article also cites other major negligence’s such as human error, lost devices, and lost documents. Another type includes phishing. Phishing is the practice of when a hacker sends a fake email that looks official to an employee at any company. The employee then begins to believe that this email is legit and requires their immediate attention. They then reply back with confidential company information, and once the hacker receives that reply they have the whole company within their hands.
    In order to prevent employee hacking in any shape or form, there are many precautionary steps higher ups at a company can do. The first measure is to make sure human resources is keeping a close eye on the employees. It is true that most of employee hacking is due to negligence, but there is a 22% chance that the employee is actually trying to hack into the company’s confidential information. Employees who participate in this type of act may decide they want the information just for their own personal knowing or to sell the information to other companies in hopes of making a profit out of it. Human resources can trigger this behavior by implementing certain software that includes artificial intelligence. This software can notify human resource employees when there is little to no engagement or emotion by the employee.
    Another measure is to hack the systems the company uses. Having someone who works for the company, hack the system from the inside, can show just how hard or how easy it is to hack the software. If the employee cannot gain any insider knowledge or access to important documents, that means the company is safe and has good protection against all of its assets. If the employee can guess a password, maybe not on the first and second try, but after multiple attempts, unfortunately, the company can be easily hacked. However, the employee running these tests needs to be certified from either InfoSec Institute or EC-Council.
    A third and final measure this article credits is making sure the company has all of their weak points covered. After running the tests that were mentioned above, the company can see what a hacker has access to and what they do not. Simply install new software to fight against the hackers before it is too late and the damage by them is already done. One weak point for mostly every company is their employees’ personal phones. Because the IT department does not control what is on their phones, it is important to install a firewall so the employees can have access to their personal phones. By following these three precautionary measures, companies will be able to worry less about hackers and focus more on profits.

  29. Croix R April 4, 2019 at 7:22 pm #

    Most managers or owners do not think about the idea that their greatest security weaknesses are their employees. You have to make sure that all of your staff is up to date on the latest hacker strategies. The article talks about how one of the biggest security flaws that come from allowing workers to log into your sensitive files is when they use the same password for home and work. At my job IT provides you with a password and does not allow you to use one of your own. This can be hard on employees, always having to try and remember a new password. However, I really do think this is the best strategy to minimize risk. The thing is, you have to be strict and not allow the employee to write the password down. If they write it down, it removes the whole point of having a password. Most hacks involve social engineering where passwords are gained in simple ways such as finding a note with the password written down. The article says that 47% of business leaders attribute data breaches to human error or lost devices or documents. This number actually surprises me, so almost half of all data breaches are due to employee error. This again, illustrates the point that as a business in today’s world you absolutely have to have a solid data security policy.

    Another security flaw that the article discusses is disgruntled employees and that a significant amount of cyber-crimes are inside jobs. They found that at least 22% of data breaches are inside jobs. They say at least, because in some cases the employee hides their tracks so well that you would never even know they were a part of it. It is extremely difficult to detect when an employee is disgruntled and may be willing to betray your company. I like the idea of monitoring software using AI to detect employee lead data breaches. This will be extremely helpful to businesses if this technology can advance enough.

    I think that it is a good idea to try and hack your own system to know its deficiencies. This will allow you to shore up your weaknesses while also preparing your business in what should be done if you are unable to prevent a data breach. It would be a good idea to have these often and routine. Just make them at different times so that employees are not expecting them. In this process you should also try social engineering. Maybe, bring in an outside person for the day. Have them see how easy it is to learn passwords and gain sensitive data just by walking around the office.

  30. Vincent andre Perez Diaz April 5, 2019 at 1:51 pm #

    This article is really interesting to me because with the amount of information companies have of their clients and the increasing risk of a firm’s database being corrupted this cyber security is a really important aspect to be aware of in the business world. The title of this article “The Biggest Hacking Risk? Your Employees” is what caught my eye and decided to read it but for different reasons that the article is really about. I thought it was only going to talk about how employees might betray the company and make a path to hackers or other companies wanting information, but after reading it its even more than that. The article talks about how common, very common mistakes made by employees can lead into hacking of the entire security system in the firm. The article divides these in three simple steps: Keep a finger on the pulse of your workforce, hack your system and shore up your weak points.

    Keeping a finger on the pulse of your workforce, this might be the key to prevent any future hacking or risk on your company. As humans we all have different types of emotions, anger, sadness, happiness, etc. Sometimes these emotions can make us do things that we are not supposed to because of our emotional state. This is why companies must be aware of the feelings of their employees every step of the way. But a better way to evade this situations with unhappy employees is to follow the golden rule of operating a business, which is to create a good environment where employees feel comfortable and most of all, happy. Creating a good environment is crucial for preventing “betrayal” from employees.

    Hacking your own system is the best way to fully know the extent to which your company is protected. This is a way to understand your system and what needs to be done to make it better. Yes, the thing is that hacking your own system will take time given that you have to try any possible way you could get hacked so you can be saved from any situation. For this strategy to be successful you must do it on a regular basis given that technology is moving really fast and every day, hackers will find a way to hack the new protection.

    The shore of your weak points is the most important part on the way to secure your company. This is where you patch any breaches you find in the trials of hacking your own system. This has to be done in a way where you patch every single breach you have and must be done precisely if you don’t want all the process done before to be in vain.

    Cyber security is one of the hottest topics in the present given that huge companies such as banks and entertainment companies have suffered huge number of hacks where the customers information got leaked, company’s secrets got out and it has been a disaster. The hackings make a company look weak in the eyes of customers given that all of their personal information is with them and the feeling of the company being unreliable security wise affects the company, the economy and the customer.

  31. Hassan Elzeeny April 5, 2019 at 6:28 pm #

    Hacking is something that everybody in the world has to deal with. Whether it is your average person or a big corporation hacking is a major problem. Hacking started off as someone hacking into your internet or email, but now with the evolution of technology and everything being centered around one device hacking has become an even bigger issue. People now have everything on one device and it is leaving people vulnerable. This includes credit cards, social media, email’s banking information, and credit applications. Hackers can with a click of a button can do so much damage to someone without them even being aware. For example, hackers can ruin your credit, hijack passwords, make purchases with your name, and even use your social security number. Big corporations are even more at risk than ever before especially with the use of cloud storage. One thing I never knew that companies do is bring a professional that will expose problems that could leave companies vulnerable to hacking. This to me is very smart concept that all concepts should use because it can not only prepare companies for hacking issues, but it can also solve these issues as well.
    What’s scary about this whole situation is just like Josh stated above if something like this can be hacked into I would imagine that everything can. What is most important through all of this is people need to know how to protect their data. There are many things you can do to protect your data that I do frequently. One of those things is to simply check the accuracy of your accounts. This ranges from bank accounts to social media. Another thing you can do is simply change your passwords every month or so. This is something that seems so simple, but people neglect to do. Simply changing a password can make it much harder for a hacker to get into your accounts this goes for big corporations as well. As technology advances so will hackers. Hackers will continue to find new ways to hack people and corporations. I do believe as technology advances so will protection. It’s hard for me to believe that companies will just leave themselves open to hacking.
    Unfortunately even with new state of the art protection hackers will find new ways to hack. In a way it reminds me of exploits in video games. A gaming company can fixes something that people have been complaining about for months, but as soon as they fix one thing certain people purposely try to find flaws in the system and they create something else for people to exploit in the game. Like Justin said It is sadly a never ending cycle of hacking that I really do not see any type of protection being up to end long term, but it is much better to be ahead of these things then to fall behind because once you fall behind in a situation like this I believe it will be very hard to come back from it.

  32. Shane K April 7, 2019 at 7:20 pm #

    I’m not surprised to find out employees are the biggest hacking risk; many have access into their company’s system and could manipulate information to benefit themselves. This is particularly a concern in the past few years because how extensively technology is used in conducting business. I think another factor that contributes to the danger is how many employees work for a company from home or some other place outside the physical work area for the company. Employees stay connected through the use of technology and are able to access the company information that they need to work on from anywhere. While this is a great benefit if used correctly, it also makes a company much more vulnerable to hacking.

    One way to make your system more secure, as the article mentioned, is to try to hack it yourself. This is a great idea and something that I don’t think enough businesses do. Its better to get hacked by somebody that doesn’t intend to cause any harm than for real. This idea reminds me of how apple rewards anyone who finds a bug/flaw in one of their products. This incentivizes people to report the problem so they can get rewarded and then that issue can never be exploited. This seems to be a very strong strategy that could help make it more and more difficult for a real hack to occur. As technology gets more and more advanced cyber-security is going to have to keep up and that’s means coming up with new smarter methods to improve security.

  33. Brian F April 11, 2019 at 12:30 pm #

    As the world of business shifts from traditional face to face interaction towards more and more digital communication and efforts, the risk that a company will be hacked has increased exponentially. As a result, cyber security has grown into a multi billion dollar industry. Any company that wants to survive long term beyond 2019 needs to have significant resources devoted to the safekeeping of their digitally stored data and information. However, I am not sure that process is nearly as simple the author of this piece claims.
    I freely admit that I am no information technology expert, but I have to assume that one of the biggest issues facing the implementation of a strong cyber shield is the prevalence of remote work. In recent years, working from home has exploded in popularity, so much so that most employees expect it to be offered as an option. In the past, most employees could only gain access to materials stored on the company network when they were actually physically inside of the office. Nowadays, though, with so many people do at least some amount of their work remotely, those sensitive materials are significantly more accessible from a variety of places. That presents a number of problems for employers trying to monitor their data. Computers that were not supplied by the company can now retrieve privileged information, and it can be done over different internet connection that the office’s single network. Along with those two differences, employers are less often able to monitor employees corporeally, so it is no surprise that nearly one quarter of security breaches are inside jobs carried out by employees. That is something that needs to be addressed, but I do not believe the author’s solution is viable. He suggests that human resources implement “Sentiment-monitoring software tools use artificial intelligence to analyze text for emotional cues, and they can alert HR to low engagement or negative emotions that may indicate possible security risks.” Artificial intelligence will be featured prevalently in the future of business and all of human life as a whole, but I am absolutely not ready for it to be used to analyze people’s tendencies while they are using a computer to determine whether or not someone is a potential security risk. First of all, I am not positive how I feel ethically about a company digitally monitoring their employee emotions. Second, there are many people who, if they took any type of emotional exam at work, would register as unhappy. Most people don’t absolutely love their jobs, but that does not make them a threat to hack the company, and it is unclear how this software would distinguish between the standard melancholy that often accompanies office work and genuine security threats.
    Once again, I am no expert in hacking, so the proposal to hire an “ethical hacker” may be a sound defense. However, as the article itself said, no one is immune to cyber crime, and anyone can be hacked. Companies would have to spend money to hire someone to find some of the flaws in their system, and then spend more money to rectify those problems. All the while, someone else is likely trying to exploit some other weakness. Cyber security is a huge issue facing both individuals and businesses in 2019, but there won’t any easy, blanket solutions that solve everything.

  34. Alison Schwerthoffer April 11, 2019 at 3:18 pm #

    Hacking can be a huge problem for any type of company. It does not matter if your company is a huge tech giant, or a grocery store chain, hackers and data breaches can spell disaster for the company in question. When a business is intruded by hackers, it creates a sense of panic and disorganization for a company. When hacks occur, companies scramble together to try to fix it but many times the damage is already done and the companies lose trust from consumers and their employees, and the companies end of losing money, data, resources, and time. This article is all about describing how to stop hacking occurrences in their tracks, and before issues unfold. Businesses should listen to the tips in this article to help stop hacking before it starts.
    Companies need to realize that now a days, cybersecurity training should be given to their employees. With the amount of technology being used, it would be foolish of a business to not educate their employees on how to stop hacking from occurring. The first tip given in this article could truly help the issue of hacking. Companies should make sure that their Human Resource team gives information to their employees and also watches out for suspicious employees. 22% of crimes are inside jobs, so HR must be aware of potential employees that could hack their business. This is the crucial first step in keeping hacking occurrences low.
    The next tip that could definitely help keep hacking at bay is to strengthen up the weak points. Companies should hire reliable cybersecurity workers to help strengthen their systems and help reduce hackings that can occur. By providing maintenance on a businesses’ technology and keeping it strong and reliable, hackers will have a harder time getting to the companies’ data.
    Overall, we are in an age where technology has to be used in a business setting and compares need to be more aware of the potential threats of hackers. Companies should make sure their Human Resources and their training methods give information to employees to help them understand the threat of hacking and how they can help prevent it. Companies should also hire cybersecurity professionals to protect their data. Using these tips given in the article will help a company keep their employees and consumers safe from hacking.

  35. Ruth Francois April 12, 2019 at 3:56 pm #

    Hackers are truly becoming unbearable to deal with. Companies can spend thousands of dollars to protect their identity from hackers and, it still wouldn’t be enough to keep them away. We have to be more mindful as individuals with our identities so that we won’t be targeted. In this article, Brad discusses how people aren’t immune to cybercriminals especially when a blockchain can be hacked. I did not know that employees can possibly allow access to these hackers without any knowledge of doing so. This article was an eye-opener for me because I could have possibly contributed to those issues’ companies have with their employees. A report on Shred-it states that forty-seven percent of business leaders believe that the causes of breaches are due to human error or lost documents or devices. From my standpoint, I accumulate a lot of passwords over the years for varies things, and it’s hard to keep up. I try to keep it simple by using the same password for everything I possibly can; If I can’t I keep it similar to my previous passwords. By doing so it helps me keep track of everything without running to issues such as, forgetting what password I created. At work I find myself doing the same thing by keeping them all similar or even the same as some of my password for my personal accounts. I have been doing this for years without any red flag signal until this article. I could have potentially, not knowingly, allowed access to data breaches; that can incur huge costs and harm the companies I worked for. This article gave great insight on how to minimize cybercrimes for both employees and employer standpoint. By employers raising awareness to the Human Resources about cybercrimes and the effect that can cause the business. Once Human Resources are aware they can educate the employees on safety precautions. I agree that Human Resources should be educated on this issue. Because I believe that an average person would not know that they could cause a breach to a company system. This was a great read for me; moving forward I will take into consideration of my passwords at the workplace.

  36. Luke Tyler April 12, 2019 at 8:10 pm #

    Upon reading the article that discusses the main issues with company data, it was really an a-ha moment, when the whole premise regarded the lack of education among employees. Also when I heard that the blockchain technology of Ethereum was able to be penetrated and hackers were able to change the logs of the transaction history of the currency, I was shocked by how such a complicated new concept could be already hacked. After that news was released, there was a big scare to those invested in the idea of cryptocurrency and delegitimized it. Have someone’s bank account open to risks on an anonymous platform spells a lot of issues. In a lot of bigger companies, the control over employees might not be as cohesive as say a smaller firm. Many of these issues start to occur because of the lack of information among people. This is because there is a slower flow of information. I do agree that a lot of these major leaks most likely come from within the company because not every employee is technologically literate which means there is a gap within the company’s structure and foundation. I think that a company should progressively update employees on how to safely handle new technology. One thing that is important to me is to make sure that I improve my digital etiquette while I am transitioning through college into a career. It is important that I start to use more encrypted passwords and organize all of my files when storing it on drives. Another thing, it is important to consistently update my firmware in order to make sure my software isn’t vulnerable to outside attacks. In the past I have been reckless when it has come to maintaining passwords, but I need to start using a variety of different alphanumerical passwords with special characters to prevent it from easily being compromised. Last, it is critical that confidentiality is kept within a workspace because leaks in information can result in data breaches that lead to further damage. When using email it is essential to be cognizant of all the phishing scams and other sketchy links that might appear in your inbox. With the different ways of being hacked now a days it is necessary to be transparent with what you see that appears suspicious. If something out of the ordinary happens on a company’s servers it is important to address it immediately with someone or else you may be liable for what occurs next. In an ever expanding and more inclusive web, the users need to become aware of the potential risks and realize that nothing is truly ever safe online.

  37. Shegufta Tasneem April 25, 2019 at 10:46 pm #

    Hacking has become a very common method of privacy invasion these days. With the increase in the practice of selling personal information of people to companies as a form of advertising, hacking has become even more popular. It is very easy for hackers to enter into the system of personal accounts in the various work place as well as social media. Google, Facebook, Instagram, Twitter are some of the social media platforms where people put all kinds of personal and confidential information of themselves believing that it would be only seen by them. But, these data are not necessarily only be seen by the account holder or the owner. Social media giants like Facebook, Twitter, and Instagram being an acquisition by Facebook, have long been accused of using these personal data to sell to advertising companies without the consent of them. This is also one kind of hacking where the information and data of one person or company are being used for other purposes without their consent. In this article, the writer discussed how hacking is avoidable in workplaces and how employees are often the source to the hacker. Although this is done unintentionally, it has grave consequences since the account of one employee can lead to the most important data of a company that can cause huge losses to the owners. Cybercrime is one of the biggest threats of our time now that technology is taking over every aspect of our lives. There are certain precautions that we can take to minimize our risk of being the victim of cyber crime such as ethical hacking or self hacking. For printing devices being hacked, the concept of secure pull-printing is a potential solution. Having individual swiping cards for every employee also serves as a good measure against cyber crime. Employees will be able to access only the information or data under their control. Thus, even if a hacker can hack into that employee’s account, he won’t be able to have access to the accounts of other employees.

  38. Richard Gudino April 26, 2019 at 12:20 pm #

    As we keep progressing and enhancing our technology with the world around us we need to stop and be able to take it all in. We always talk about how the technology of tomorrow is going to benefit us and going to make are lives easier than they already are. We are always looking foe the next innovation that we sometimes don’t get the opportunity to stop and ask ourselves if we should. Yes this article is about how as a business owner the biggest cost to my company can also be the biggest liability to it. This article opened my mind to not just the possible solutions to keep company data safe but about how we advance out technology. I do not believe that we talk about the negative side or dark web of technology as much as we should. Hackers like our technology seem to evolve at the same pace, when we think that we have invented a better lock to seal away all our information hackers have already found a way to pick lock it. We simply aren’t evolving our security or privacy mechanisms as fast as out technology is moving. This can become a problem because that means that companies and everyone can be at risk from a random attack. Most are not aware at the how simple it has become to a hacker to get into the average joes life. This is life ruining things that these people do all for the fun of it sometimes, this ruins careers and reputations. I remember the hacking incident of target back in 2015 where hackers managed to attain all the information credit card and more private details of the customers who used some form of electronic currency during the holiday season. What ended up happening to them is they lost a large number of their customer base. My sister and I don’t bother to shop at Target for fear of getting our information taken from us. If there ever is a need to go to target then we make sure that we only use cash and keep our information from Target’s records. This is the best possible way that we have seen to combat any hacker. It would be dumb to suggest to companies to just go back to using only paper because you cant hack paper. This is only dumb because he have become to adjusted to using tech in our business environment. Now all we have to do is put a greater emphasis on internet security and privacy and have it catch up with the pace of tech advancement.

  39. Niall El-Adawy May 6, 2019 at 12:29 am #

    This article brings forth a topic that is very troubling to not only business owner, but regular citizens as well. Employees being the backdoor entrance for hackers to infiltrate businesses is especially alarming because it is hard to monitor all of your employees’ online behavior. The three tips to help stop cyber-infiltration the article offers are all very relevant and important tips to keep in mind, especially Tip #2, stating that the best way to see if your business is hackable is to hack it yourself. No one knows your business as well as you do, so by infiltrating your own business is very beneficial. You are able to discover where your weak spots are, and how to fix them, which rolls into Tip #3: patch the holes in your leaky ship. Fix the errors that you find, and you won’t have to worry about them later. Keeping a close eye on the operation of all systems and employees reduces risk in the future, whether it be a failure in tech or an infiltration, your business will be ready for whatever comes its way.

Leave a Reply