Businesses often think about the weakest link in security as being some technical aspect, but in today’s world it is not. 61% of businesses has had an incident in the last 12-months. Over 90% of them started with a phishing email. The weakest links in Cybersecurity are most often people and passwords.

People

We are all human and can make a mistake or be tricked. All too often, we are busy, wearing multiple hats, trying to multi-task to get things done. Working this way can cause us to act quickly and not really take the time needed to identify phishing scams. Or we tend to make haste decisions about how we are connecting or what we are downloading.

Empowering your employees with the proper training will strengthen their ability to help protect your business against cyber attacks.

Many employees fall into one of these 4 categories. If you can identify employees with these traits, you can also understand who may need more attention.

The Skeptic

This is the person who never thinks it will happen to them. They often do not take security seriously or follow the necessary safety precautions.

Cyber-criminals are out there and very good at staying under the radar, making it difficult to spot if you are not looking for them. These employees are the most likely to fall victim, and often need the most training.

The Procrastinator

This is the person who understands the risk but is always putting off doing the right thing to address issues.

This person may not need as much training, but this is why if you as a company focus on security, they will too.

The Naïve

This is the individual who is often too trusting and inexperienced. They are the remote user who uses the Public Wi-fi at the coffee shop to do all their work. They often just do not know what they do not know and leave themselves vulnerable.

These employees need the education to know what to do and what will make them vulnerable. While they believe they are surrounded by good people, there are people with malicious intent out there hiding in plain site.

The Employee with Good Intentions

These are the best employees! They are cautious, always on the lookout, and follow the best practices, like strong unique passwords.

Even the most informed employee may not know when they are a target. This is why providing your team with the latest cybersecurity awareness training is crucial.

Passwords

Too many small businesses do not take password security seriously. This only leaves their business as low hanging fruit for cyber-criminals. There are some best practices you can put in place. But first, if you or anyone in your organization are using any of the following, you should change your password immediately!

10 Most Commonly Used Passwords in 2022

1. 123456
2. 123456789
3. Qwerty
4. Password
5. 12345
6. 12345678
7. 111111
8. iloveyou
9. 123123
10. Qwerty123

It is hard to believe, but yest, these are still the most commonly used passwords in 2022!

Password Best Practices

When everyone in your organization understands and follows passwords best practices, they can significantly increase your cybersecurity posture.

Use a Password Manager

A password manager will help you generate and store strong passwords for all of your online accounts. They can help you keep track of all of the passwords you have and ensure they are unique for every account.

Use Multi-Factor Authentication

Multi-Factor Authentication is another form of authentication in addition to your password. You can use it on your phone, through another device, or another account. While it is not perfect, it is a robust security measure that will make it more difficult for hackers to gain access to your accounts.

Avoid reusing passwords

If a hacker gains access to one of your accounts, they will try to use that same passwords to access other accounts. By using different passwords, you are limiting the damage a hacker can cause.

A password manager will help combat this. But if you don’t use them, it is still not safe to write them down where a bad actor could see it.

Don’t use information available on Social Media

Many people use social media to connect to friends, family, and to socialize. These platforms are a source of valuable personal information that cybercriminals use to target individuals. It is important to avoid using any information that may be on your social media accounts in a password.