According to research conducted by the cybersecurity firm Kaspersky, 43 percent of companies experienced at least one cybersecurity incident in 2018, and the average cost of those incidents was $1.23 million.

So, what cyber security mistakes are your employees making right now that could be costing your company big time?

  • Reusing passwords: It’s estimated that 80 percent of data breaches are caused by weak or stolen passwords. Employees who reuse passwords across multiple accounts are putting your company at serious risk if just one of those accounts is compromised.
  • Clicking on malicious links: Phishing attacks are becoming more and more sophisticated, and even the most tech-savvy employees can fall for them. Make sure your employees know how to spot a phishing email, and train them to never click on links or attachments from someone they don’t know.
  • Accessing company data on unsecured devices: Employees who access company data on their personal devices are putting that data at risk if those devices are not properly secured. Make sure your employees understand the importance of keeping their personal devices up to date with the latest security patches and antivirus software.
  • Not backing up data: In the event of a ransomware attack or other data loss incident, having a recent backup can mean the difference between a minor setback and a major disaster. Encourage your employees to regularly back up their files, both locally and to the cloud.
  • Ignoring security alerts: It’s important for employees to pay attention to security alerts and warnings, as they can provide valuable information about potential threats. Ignoring these alerts can put your company at risk.
  • Failing to update software: Outdated software is one of the most common ways that hackers gain access to company systems. Make sure your employees know to update their software regularly, and set up automatic updates if possible.
  • Downloading unapproved applications: Employees who download unapproved applications onto company devices can inadvertently introduce malware or other security risks. Only allow employees to install applications that have been approved by your IT department.
  • Not using two-factor authentication: Two-factor authentication adds an extra layer of security by requiring users to provide a second factor, such as a code from a mobile app, in addition to their username and password. Encourage your employees to use two-factor authentication whenever possible.
  • Connecting to unsecured Wi-Fi networks: Public Wi-Fi networks are notoriously insecure, and connecting to them can put your company data at risk. Make sure your employees know to only connect to secure, password-protected Wi-Fi networks.
  • Falling for social engineering attacks: Social engineering attacks exploit human psychology rather than weaknesses in technology. They can be very difficult to spot, and even the most security-savvy employees can fall for them. Train your employees on how to spot and avoid social engineering attacks.

Making sure your employees are aware of these common cybersecurity mistakes is an important first step in keeping your company safe from cyberattacks. Implementing proper security measures is also essential.

If you’re not sure where to start, contact a cybersecurity expert for help. They can assess your company’s security risks and recommend the best course of action to protect your data.