This Month Only! >> $20 off and a FREE SHRM tote with your membership and code TOTE2018!
Sign up for free email newsletters and get more SHRM content delivered to your inbox.
Is your employee handbook keeping up with the changing world of work? With SHRM's Employee Handbook Builder get peace of mind that your handbook is up-to-date.
Build competencies, establish credibility and advance your career—while earning PDCs—at SHRM Seminars in 12 cities across the U.S. this spring.
#SHRM18 will expand your perspective – on your organization, on your career, and on the way you approach HR. Join us in Chicago June 17-20, 2018
Knowing what’s out there is half the battle
Members may download one copy of our sample forms and templates for your personal use within your organization. Please note that all such forms and policies should be reviewed by your legal counsel for compliance with applicable law, and should be modified to suit your organization’s culture, industry, and practices. Neither members nor non-members may reproduce such samples in any other way (e.g., to republish in a book or use for a commercial purpose) without SHRM’s permission. To request permission for specific items, click on the “reuse permissions” button on the page where you find the item.
Experts say cybercrime continues to rise worldwide. In fact, it's gotten so bad in Europe that some states in the European Union now report that cybercrime has surpassed traditional crime.
That's why companies need to make sure their employees are aware that they are the first line of defense when it comes to cybersecurity, experts tell SHRM Online.
Opportunity is partially driving the trend, according to the 2016 Internet Organised Crime Threat Assessment (IOCTA) report produced by Europol, the European law enforcement agency located in The Hague, Netherlands
"We have seen the number of reported vulnerabilities rise nearly 170 percent in the past five years, along with the level of complexity and sophistication of threats," said Brian Gorenc, director of Trend Micro's Zero Day Initiative, a program for rewarding security researchers for responsibly disclosing vulnerabilities. Trend Micro, a global cybersecurity company, is headquartered in Tokyo.
New cybercrime tools designed to compromise ATMs and mobile devices are also fueling this trend, experts report. They say companies remain the most lucrative targets.
According to a global analysis by IBM, a single data breach can cost, on average, up to $6.53 million.
Many companies could do a better job of safeguarding against cyberattacks, regardless of whether the tools used to launch them are new or old. "A large part of the problem relates to poor digital security standards and practice by businesses and individuals," the IOCTA report states. "A significant proportion of cybercrime activity still involves the continuous recycling of relatively old techniques, security solutions for which are available but not widely adopted," such as backing up data.
Steven Wilson, head of Europol's European Cybercrime Centre, said "2016 has seen the further evolution of established cybercrime trends. The threat from ransomware has continued to grow and has now expanded into sectors such as health care," which SHRM Online reported earlier this year.
According to the IOCTA report, the top business-related cybercrime trends from 2016 include:
HR Should Be Proactive
Karla Jobling, who specializes in the recruitment of cybersecurity professionals, told SHRM Online via e-mail that there are a number of steps HR professionals can take to ensure that their companies' systems are secure and that their employees fooled by by cybercriminals.
"Good encryption, monitoring, proper identity management, penetration tests and regular updates are all important," said Jobling of BeecherMadden Ltd., a London-based staffing and recruitment firm.
However, many attacks are conducted by very simple means, and making sure all employees are aware of the methods cybercriminals use is crucial to ensure that these attacks do not succeed, she says. She suggests that companies make sure their staffs are trained on how to spot phishing e-mails and whaling attacks and how to practice good password management.
Forward-thinking organizations are also making use of behavioral analytics and machine learning, also known as artificial intelligence, to address potential internal threats. "Companies that have good cyberprocesses in place are looking at their employees' behavior to stop the insider threat before it is a problem," according to Jobling.
[SHRM members-only webcast: AI for HR]
Staying on top of the problem is critical, she added: "Crime changes over time, and cyber is the new fraud. However, if data is the new currency, cybercrime will get worse before it gets better."
Was this article useful? SHRM offers thousands of tools, templates and other exclusive member benefits, including compliance updates, sample policies, HR expert advice, education discounts, a growing online member community and much more. Join/Renew Now and let SHRM help you work smarter.
You have successfully saved this page as a bookmark.
Please confirm that you want to proceed with deleting bookmark.
You have successfully removed bookmark.
Please log in as a SHRM member before saving bookmarks.
Please sign in as a SHRM member before saving bookmarks.
Please purchase a SHRM membership before saving bookmarks.
An error has occurred
Recommended for you
HR Education in a City Near You
SHRM’s HR Vendor Directory contains over 10,000 companies