Building better cybersecurity defenses in the workplace

Read Time: 2 Min
Learn how to build a strong cyber defense and security culture in the workplace by responding to threats holistically through education, preparation, and risk transfer.

While mobile and cloud-based technologies have made it easier to perform everyday business tasks, such as accessing financial systems and monitoring transactions, ensuring the protection of your valuable data and systems requires the right balance of risk and resilience.

Unauthorized access and exploited vulnerabilities are currently among the most prevalent forms of cybersecurity concerns in the workplace. This includes phishing campaigns in which a bad actor mimics a company email address or uses social engineering to impersonate the identity of the CEO, a company attorney or key resource at the company, or trusted vendor. Another ongoing threat is business email compromise, in which bad actors target businesses that regularly perform wire transfers with foreign suppliers and/or businesses with the intent to steal funds.

Managing risk and bolstering security against this type of fraud is increasingly complicated as cyberattacks grow in sophistication and frequency. Securing IT systems involving vital business functions including human resources, supply chain, and research is more important than ever.

And while many organizations have dedicated professionals focused on preventing attacks from the outside, internal weaknesses such as mistakes by employees can be just as important to prevent as phishing attacks, third-party access, and lost devices.

It helps to create a culture where your employees feel free to challenge the need for information, should they receive an email requesting a funds transfer or account information changes, especially with a need for urgency outside of normal business practices. You want to encourage an ever-critical eye and vigilance in taking that extra step to verify before an irreversible transaction is made.

A strong perimeter defense matters as much as properly vetting employees, contractors, third party partners and vendors, while also establishing carefully managed access to the information specific to roles within the organization.

The best defense involves responding to threats holistically through education, preparation, risk transfer, and establishing a strong security culture.

And just as companies are mounting strong cyber defenses, it’s worth noting that experts are seeing an uptick in non-cybercrimes as more bad actors resort to the old-fashioned route, such as check fraud to gain access to company accounts.

Moreover, cybersecurity in the workplace should be viewed in conjunction with an overall business continuity strategy and your financial institution should be integrally involved in helping your business operate and perform successfully. Incorporating a “security first-of-mind” working model enables the business to work collaboratively with their security organization at the start of business endeavors and projects.

At Huntington, we can provide cybersecurity insurance coverage that protects against loss and help you minimize breaches by taking steps such as requiring dual approval on certain monetary transactions and advising on administrative changes that can go a long way to protecting your interests.

Our financial and insurance professionals are available to engage you and your colleagues in conversations regularly about how to avoid all types of risk that can interrupt your business.

And while it's imperative to put a plan in place to prevent data breaches, it is also critical for companies to vet their cyber defenses periodically by testing them with employees and vendors who have systems access. Data security, like all security, is only as good as the weakest link.

It's also important to hold insurance providers, payroll processors, benefits administrators, and others to the same standards as internal users. Third-party providers who have access to any sensitive data regarding customers and/or employees should be held to the same auditing processes and go through the same rigorous vetting process used to ensure the security of internal data.

Every person in the organization has a role to play in mitigating the risk of a cyberattack. At Huntington. we can help you explore how to keep your financial data and transactions safe.

Related Content

Insurance products are offered by Huntington Insurance, Inc., a wholly-owned subsidiary of Huntington Bancshares Incorporated and underwritten by third party insurance carriers not affiliated with Huntington Insurance, Inc.

The information provided in this document is intended solely for general informational purposes and is provided with the understanding that neither Huntington, its affiliates nor any other party is engaging in rendering tax, financial, legal, technical or other professional advice or services or endorsing any third-party product or service. Any use of this information should be done only in consultation with a qualified and licensed professional who can take into account all relevant factors and desired outcomes in the context of the facts surrounding your particular circumstances. The information in this document was developed with reasonable care and attention. However, it is possible that some of the information is incomplete, incorrect, or inapplicable to particular circumstances or conditions. NEITHER HUNTINGTON NOR ITS AFFILIATES SHALL BE LIABLE FOR ANY DAMAGES, LOSSES, COSTS OR EXPENSES (DIRECT, CONSEQUENTIAL, SPECIAL, INDIRECT OR OTHERWISE) RESULTING FROM USING, RELYING ON OR ACTING UPON INFORMATION IN THIS DOCUMENT OR THIRD-PARTY RESOURCES IDENTIFIED IN THIS DOCUMENT EVEN IF HUNTINGTON AND/OR ITS AFFILIATES HAVE BEEN ADVISED OF OR FORESEEN THE POSSIBILITY OF SUCH DAMAGES, LOSSES, COSTS OR EXPENSES.

Third-party product, service and business names are trademarks/service marks of their respective owners.