5 Cyber Security Training Tools and Resources
When it comes to data breaches, in particular, cybercrime is at an all-time high. According to the statistics, over 21% of all files are not protected in any way. Also, 41% of organizations have over 1,000 unprotected and sensitive files such as credit card numbers, health records, SSNs, etc. What's more, 7 out of 10 organizations have said that their security risk has increased significantly since 2017, with ransomware growing by as much as 350% annually, and IoT-oriented attacks by 600%.
The healthcare industry has seen the most significant number of ransomware attacks, which are believed to quadruple by 2020. The financial service industry, on the other hand, suffers the highest costs related to cybercrime, with an average of $18.3 million in losses per company.
Based on all of these figures presented here, plus many others like them that exist, it would only stand to reason that businesses should invest as much as they can in their security. Training staff members to recognize and avoid security threats is one of the most effective ways of achieving a desired level of protection. It is for this reason why we've compiled a list of five tools and resources to help you prepare for the road ahead.
Udemy is a training portal designed to help organizations and individuals learn about cybersecurity. It provides classes on several other fields such as development, design, marketing, etc., but also in terms of IT security. Many courses are free, while others cost somewhere around $15.
Another resource in terms of cybersecurity training is Cybrary. As a freemium service, Cybrary provides numerous classes for employees and job seekers, particularly CISSP, CCNA, CompTIA A+, and CompTIA Security+, among other such entry-level security certifications. There are also paid courses to be had on the platform, providing further knowledge in the field of cybersecurity. Also, Cybrary offers per-seat basis enterprise subscriptions, making it more cost-effective for organizations with hundreds of employees to learn junior-level cybersecurity roles.
BrightTALK Webinar Stream
With BrightTALK’s comprehensive stream of cybersecurity webinars, you will have access to thousands of IT security related videos. These are continually updated and are particularly useful for professionals looking to further their cybersecurity careers. BrightTALK also provides options for non-English speakers.
Information Assurance Support Environment (IASE)
IASE is a web portal, part of the US Department of Defense. It offers over 30 free online cyber security courses, mostly in the form of web-based training. And even though the portal focuses on the Department of Defense users, the topics can still be used as generalized cybersecurity training for both beginners and professionals.
Security Now Podcast
Security Now is a weekly podcast available in both video and audio formats. The podcast is hosted by Steve Gibson and Leo Laporte, the TWiT Netcast Network founder and who also invented the first anti-spyware program. The show runs for about two hours and focuses on helping the audience increase their personal security with topics such as firewalls, password security, and VPNs.
These resources will hopefully help you increase your organizational security and help your staff members become more knowledgeable about the issue. For more information, contact us directly.
Data Breaches Are Increasing Faster Than Ever
Today's society is more connected than ever before. No other time in human history could someone in India conduct a video call with someone from the United States while walking down the street. But this is the tip of the iceberg when it comes to 21st-century connectivity.
Driven in large part by a phenomenon known as the Internet of Things (IoT), we are now in the midst of the fourth industrial revolution - aptly called Industry 4.0. In short, IoT is, more or less, a network of devices, vehicles, appliances, and all sorts of other objects fitted with software, sensors, and other technologies that enable them to connect to each other and exchange data. They talk to each other.
The smart devices create all sorts of opportunities that improve efficiency, provide economic benefits, and significantly reduce human effort. There are figures to prove this, as well. If in 2017 there were roughly 8.4 billion such devices, that number is expected to reach 30 billion by 2020. The IoT market value is set to reach $7.1 trillion by 2020.
Data Breaches Are on the Rise
But as good as all of these sounds, there is also another, more worrying trend that's developing right alongside IoT. Cybercrime is at an all-time high, particularly regarding data breaches. Ever since experts began monitoring the situation, data breaches were always on the rise. But it seems that this increase is not consistent - it's accelerating faster.
Statistics show there was a 29% increase in data breaches in the first quarter of 2017 as opposed to 2016, and a total, annual growth of 37%. The business sector is still the most affected, making up 54.7% of all these breaches. The healthcare industry follows it with 22.6%, education with 11%, and finally, the financial and military sectors, each with 5.8 and 5.6 percent, respectively. What's particularly troubling here is that criminals highly seek Social Security numbers, and it's these SSNs that are being exposed in most of these data breaches.
Worse yet; the majority of industries are not required to provide detailed reports about the exact number and the type of information stolen during a breach. 67% of breach notices didn't mention the number of compromised records. However, with General Data Protection Regulation (GDPR) and other privacy laws coming into play, this will be required to report.
Pam Dixon, executive director of the World Privacy Forum, said that “People who are left in the dark about the details of a data breach cannot effectively protect themselves and this can have serious consequences. Breach notifications need to help, not hinder, solving the problems that data breaches can bring."
It comes at a time when committing these sorts of attacks is relatively simple and straightforward.
“It doesn’t require a tremendous amount of sophistication or technical savvy to commit this type of fraud,” said Eva Velasquez, the Identity Theft Resource Center president, and CEO. “Criminals can simply purchase some malware through the fraud ecosystem and then do some spam, do some phishing and boom — they have all the materials they need to commit identity theft.”
The fact of the matter is that data breaches are now a common occurrence and many governments and business organizations are not taking all the necessary steps to prevent them from happening, placing citizens at high risk of identity theft.