Company officials who neglect email security -- a corporation’s greatest cyber vulnerability -- would fare extremely poorly if they brought the same approach to the poker table, according to new research that draws parallels between cybersecurity and the infamous high-stakes game.
The risks of failing to implement proper email security seriously outweigh any benefits, according to the 'Odds of a Bad Bet' report by Wire. Enlisting the help of a poker champion and various cybersecurity experts, researchers assessed the odds of falling prey to a cyberattack, the business cost of such an attack, and the 'best bet' of future-proofing against an attack.
A notable, but not very surprising, finding is that a company’s weakest links are its email and its people. An employee is three times more likely to infect a colleague with a malicious email than they are to spread the flu to their partner, the report says. Employees are also extremely bad at spotting phishing emails – their chances of spotting one are about as slim as hitting a specific number on the roulette wheel.
“Email offers the most significant access point for criminals by exploiting a human fallibility -- the inability to spot malicious emails. Just as with gambling, the outcomes are influenced by people and their judgement. The fact that employees are unable to discern malicious emails from safe ones points to the inherent vulnerability of email,” the report’s authors said.
Other interesting parallels between real-life scenarios and the business world include:
To see businesses fail to prioritize cybersecurity is “akin to the behavior of a delusional problem gambler,” said Liv Boeree, poker champion and contributor to the report.
Switching gears, researchers used the same methodology to identify the 'best bet' of future-proofing against an attack. Two examples are given:
Recent studies on the state of cybersecurity in the business world have found similar results. A recent report by insurance giant AIG reveals that Business Email Compromise (BEC) is a new leader in the list of top threats causing losses for businesses. In BEC scams, attackers use social engineering tactics to trick victims into wiring money to an address controlled by the attacker. For example, after compromising an executive’s credentials, attackers use the executive’s email account to demand a money transfer from the finance department in the executive’s name. Other times, attackers impersonate foreign suppliers requesting fund transfers for payments.
Filip is an experienced writer with over a decade of practice in the technology realm. He has covered a wide range of topics in such industries as gaming, software, hardware and cyber-security, and has worked in various B2B and B2C marketing roles. Filip currently serves as Information Security Analyst with Bitdefender.