Enzo Biochem, a New York healthcare firm, just paid $4.5 million because it failed to ensure its employees didn’t use “Password123” and stamp it on their foreheads.
Okay, it wasn’t quite that blatant, but pretty close. Despite completing several security awareness training (SAT) courses, which virtually every company requires, five employees shared simple login passwords and one of them hadn’t been changed in ten years. I’m pretty sure all SAT training courses advise against this, but these employees ignored what they’d been taught.
As a consequence, Enzo exposed personal and sensitive information on almost 2.5 million individuals. The total hit may be close to $10M given the fines, recovery costs, and customer loss due to brand damage.
This is not an isolated incident and it can happen to almost any firm. In fact, Gartner and Forrester agree that over 90 percent of security breaches that lead to ransomware attacks are caused by human error—people making mistakes.
Whether it’s caused by bad password management, clicking on email phishing links, incorrect WiFi usage, or whatever, attackers exploit mistakes to get in the door and wreak havoc. Traditional SAT solutions are obviously failing to address these issues, as evidenced by the Microsoft 2023 Digital Defense Report, which says SAT only reduces phishing clicks by 3 percent. This is why Gartner and Forrester now advise moving away from outdated SAT and adopting Human Risk Management (HRM).
The Gallup 2024 State of the Global Workplace Report says almost 80 percent of employees are disengaged, which leads to 60 percent more mistakes. Since mistakes lead to security incidents, like the Enzo or CrowdStrike debacles, improving engagement is paramount.
Typical annual employee engagement surveys, which ask if you like your job, boss, or dog, are evidently not working. Gartner and Forrester say we need to create security aware cultures by using behavioral science to predict and adapt to risky human behaviors.
Unfortunately, they also note that none of the typical SAT vendors will have this for another four to eight years. All except one.
“RemotelyMe offers unique technology that could make them an HRM leader, including the behavioral science Gartner and Forrester say is a key requirement that's missing from other solutions.” – Rob Smith, former Gartner Analyst and Managing Director of Lionfish Advisors
RemotelyMe is the first to use predictive behavioral science to map biomarkers to behaviors. Using visual neuroscience, the Career Quotient Indicator (CQI) Assessment only takes nine minutes to measure risk, trust, and leadership factors, as well as learning styles and nine key soft skills. The latter are important as Harvard and LinkedIn say 90 percent of job success…or failure…is now related to soft skills, which have a direct link to engagement.
This can help firms better predict which employees have higher security and engagement risks. Profiles based on brain chemistry (without requiring blood or urine tests) help determine which employees might be prone to phishing lures, WiFi mishaps, or bad password management and, for HR, to low productivity and retention.
Typical SAT vendors only offer one-size-fits-all training that can cause employee friction. RemotelyMe personalizes training based on risks, roles, and learning styles. Mike in IT with low risk scores gets different training than Mary in Marketing with high risk scores. Personalized courses for soft skills, including trust and leadership abilities, are also included.
The RemotelyMe platform includes SAT courses, phishing and tabletop exercises delivered with visual gamification that increases content retention by 16X. Given new compliance mandates for the NIST Cybersecurity Framework 2.0, PCI DSS 4.0, HIPAA 2023, GDPR, etc. that now include HR and HRM requirements, the platform also includes HR-centric features for recruiting, employee engagement, and learning & development.
While the platform can augment other SAT solutions like KnowBe4, Proofpoint, Mimecast, Living Security, etc., many firms are lowering costs by eliminating these—as well as L&D solutions—to move toward the benefits of HRM. You can learn more and schedule a demo at this link: https://bit.ly/rmedemo.
About the CEO
William Craig Reed is the New York Times bestselling author of several books including the #1 Gold Medal Business Book, Start With Who, that Ken Blanchard (One Minute Manager) says is “thought provoking,” and the award-winning 7 Secrets of Neuron Leadership. Reed is a former U.S. Navy Diver and has a Neuroscience Certification from Harvard University.