Guess Who Game | Nutmeg Consulting

Guess Who: Where Are Your Security Threats Hiding?

Guess who is on your team and who is on the other side? You would think the answers would be clear: my staff are on my team and those who want to see us fail are our enemies. But sometimes, even your staff who have the best intentions make mistakes that threaten your business. Of businesses affected by viruses and malware incidents, 53% consider careless or uninformed employees to be the cause of the incident.

Some of the players who are a threat to your business are hiding in plain sight because they’re not even aware of it themselves. Here are 5 types of players who could be a danger to your organization.

Hackette the Hacker

Hackette is fed up with playing the game the right way. She decides it’s time to make some easy cash. She’s a major threat to your organization because she’ll do whatever it takes to get her payout. That might mean finding a hole in your cybersecurity to exploit or target different employees with phishing emails. No matter how long it takes, Hackette is determined to drain money from your organization.

Know-It-All Nicholas

Nicholas never bothers to complete the required IT trainings, or even to open the emails from the IT department. After all, he’s too knowledgeable to fall into a hacker’s trap. He would never become a victim like some of his gullible coworkers. But when he opens an email that he thinks is from a new client and accidentally clicks on a phishing link, he exposes his organization’s network before he even knows it.

Careless Carla

Carla in HR needs to plan her next vacation and she wants the best deal on tickets. When a website promises that if she just downloads their software, she’ll get access to the cheapest tickets on the web, she hits the download button without thinking. Before she knows it, she downloads a virus, and a cybercriminal has access to all the HR information stored on her device.

Arrogant Adam

He’s busy, impatient and too important to waste his time on IT. Adam’s high-powered career is what matters, not taking silly little precautions. When he receives an email directing him to restart his computer and ensure all updates are complete, Adam doesn’t think twice about it and immediately hits delete. “No time to restart, I have business to conduct!” Because he never restarted his computer and his device never installed those critical updates, a team of hackers can exploit that software vulnerability through Adam’s profile.

Trusting Tommy

Tommy the receptionist receives an email that looks like it’s from his boss requesting that he send sensitive information so he can pay an invoice. The name of the sender on the email is identical to his boss’s name, but he doesn’t think to look twice at the email address, which isn’t the boss’s. Tommy gets the information ready to send, unaware that he’s about to fall victim to a social engineering attack.

Don’t Play “Guess Who?” With Your Cybersecurity

When an insider makes a mistake, the threat goes undetected for longer because it’s coming from within the employee base, allowing hackers a longer window to set up camp into your systems, which can be disastrous.

Identify your weak links and make a plan of action for protecting your organization. Our team at Nutmeg Consulting is here to strengthen your disaster recovery plan, business continuity and cybersecurity.

Let’s talk cybersecurity today