Two ways to penetrate a network
Cybersecurity is about keeping the bad guys out of your network. Whether it’s your home network or the one at work, once the bad guys get in, they can wreak all kinds of havoc. The good news, if you can call it that, is there’s really only two ways to penetrate any network: exploit equipment or exploit people. If you can stop both of these, you can keep your network safe.
Vulnerability of web-facing equipment
You might think the most vulnerable part of your network is the equipment. Afterall, there’s at least some equipment in every company or household that’s exposed to the Internet. Whether that’s a firewall or router or web server, it’s out there and it’s vulnerable.
All web-facing equipment comes with some kind of built-in security capability. However, they can still be vulnerable from misconfiguration and unpatched software. But, from a cybersecurity standpoint, web-facing equipment comes with a built-in tactical advantage.
For the most part, attacking a piece of equipment is done one-on-one. That means the bad guy has to specifically target a piece of equipment and take the time to look for vulnerabilities to exploit. And since they only have so much time, the bad guys tend to spend their time on high-value targets like banks and hospitals. Exploiting people is another story.
Vulnerability of people
Unlike equipment, penetrating networks by exploiting people can be done en masse. It’s accomplished with the use of phishing emails. Phishing emails are emails sent in large numbers with the purpose of getting recipients to click on a link within the email and then causing a bunch of havoc.
Phishing is a big problem
Phishing is a big problem. How big of a problem it is brings us to the only cybersecurity fact you need to know.
That’s right. If you’re a bad guy and you want to penetrate networks, you exploit people and not equipment. And if you’re a company trying to protect yourself from bad guys, you make sure your employees are just a locked down as your equipment.
Protection against phishing attacks
How do protect yourself and your company from phishing attacks? Two ways. The first is awareness training. Good awareness training makes people suspicious and suspicious people are good when it comes to cybersecurity.
The other way is with cloud-based anti-phishing software. What we know from research is that even the best awareness training is only 98% effective. And when it comes to protecting your network, 98% just isn’t good enough.
Cloud-based anti-phishing software takes the responsibility for securing your networks out of the hands of people, and places into the hands of software specifically designed to weed out phishing emails. It keeps most phishing emails out of inboxes so people don’t even have the chance to do any damage. And for the handful that get through, it provides real-time link protection so even if someone does click on a malicious link, nothing bad happens.
Remember, 91% of cybersecurity attacks start with a phishing email. If you’re not protected against that, you’re not protected. To get protected, head on over to PhishProtection.com. It sets up in 10 minutes and provides phishing protection for pennies a month per account. 91%!