Including Staff in Security Strategies

Including Staff in Security Strategies

When it comes to cybersecurity, your employees are simultaneously your biggest benefit and your most glaring weakness. This is outlined in a story that emerged from automaker, Tesla. Let’s take a look at the particulars and talk about including staff in security strategies.

Including Staff in Security Strategies: Tesla’s Near-Sabotage

In August 2020, a Russian businessman was indicted on charges of conspiracy to intentionally cause damage to a protected computer. This was after he attempted to recruit a current Tesla employee to install malicious software on the automaker’s Gigafactory network. 

The hacker, 27-year-old Egor Igorevich Kriuchkov, contacted an unnamed Tesla employee he had previously come into contact with. Using Facebook-owned messaging app WhatsApp, Kriuchkov set a meeting with the employee on August 3, 2020. At this meeting, Kriuchkov offered the employee money to help him steal data from the company using malware. 

The attack was to work as follows: they would simulate a Distributed Denial of Service (DDoS) attack. Then, with access provided by the employee, Kriuchkov and his associates would infiltrate the network and steal data. At this point, the hacking team would demand a ransom for the stolen data. 

Court documents suggested that when Kriuchkov attempted to follow up with the employee, they weren’t alone in the meeting. The employee had reached out to the Federal Bureau of Investigation. The FBI surveyed the meeting, where Kriuchkov repeated the particulars of his proposed scam. He admitted that his hacking collective had stolen from other companies, with the help of sitting employees. The employee also received assurances that one of his/her coworkers could be blamed for the breach. 

Ultimately, the FBI collected enough evidence against Kriuchkov to make an arrest. He now faces up to five years in prison.

This outlines just how important your employees are to your business’ data protection and cybersecurity initiatives. 

Including Staff in Security Strategies: How To

How to Minimize Insider Threats

Education is a big deal. If you want someone to do something proficiently, they’ll need training. Here are a few suggestions on how to make cybersecurity a priority to your staff. 

Build Your Company Culture Around Cybersecurity

To ensure that you have the best chance to ward off insider threats, make cybersecurity a priority. In doing so, you will unify your team’s efforts to help protect your business.

Educate Your Staff on Emerging Threats

Cybersecurity is a big issue. It’s not as if one thing will protect your network and infrastructure from all the threats it faces. To get help from your employees, you will need to commit to educating them on the threats they could encounter. 

Train Your Staff About Cybercrime

It is helpful to train your staff on the cybersecurity best practices, but without context chances are it won’t stick. By telling them what could happen as a result of negligence, you can get their attention. The more they understand how their actions could cause major problems, the more diligent they can be.

If you would like some help figuring out your company’s security training platform, we can help. Call us today at (973) 659-1350.