Common security threats
Poorly secured systems – which increase the risk of attacks from third parties or misuse, either intentionally or unintentionally by individuals within an organisation.
Social media and email attacks – where accounts are hacked, or emails trick users into an action that compromises security.
Malware – software that disrupts, damages, or gains unauthorized access to a computer system.
Malware on endpoints – (the devices you use, e.g. laptops, tablets and mobile phones) can be threatened in various ways, and traditional antivirus software is not often sufficient to block those threats. While organisations can take steps to reduce the risks on organisational owned devices, when people use their own devices for work, organisational control is limited.
Lack of encryption – using encryption processes to access devices can help prevent the loss of data or corruption of equipment.
Security misconfiguration – ensuring that all technology platforms and tools, including web-based tools are configured and updated correctly is essential. While many configurations and updates are automatic, some rely on individuals to do the updates, and it is important that they understand how to do this (, n.d).