[Reading time: 1 minute]
You protect your home against the most likely crime.
To reduce the risk of your home being burgled, you probably have a monitored alarm system, deadlocks and other security measures.
You know that if a highly-skilled and determined burglar wants to gain access to your home, these security measures may not be enough to stop them.
But you also know that most burglars are not highly-skilled and determined – They’re opportunists.
They don’t care about your house and your belongings. They just want to find an easy target.
So, you focus your efforts on reducing the likelihood of an opportunist gaining access to your home.
You are focusing your efforts on managing and mitigating the most likely risk.
It’s an absolutely logical approach that you should also adopt for your firm’s cybersecurity defences.
Yes, the Russians, Iranians, Chinese or American state-sponsored agencies could probably get through whatever defences you put in place.
But you probably don’t need to think about these big guns.
You need to think about the opportunists – The ones looking for an easy-in and easy-out.
Because if (or when?) you are a victim of a cyber attack, it is likely to be an opportunist crime.
What are two common components of an opportunist cyber attack?
An email sent to a staff member
A staff member trusting that email
Two questions you should consider about your cybersecurity defences:
What steps have been taken to reduce the likelihood of a dodgy email getting to the inbox of a staff member?
What steps have been taken to reduce the likelihood that a staff member will trust a dodgy email that does get through?