A major US-based kitchenware giant Meyer Corp has disclosed a cyber attack that may have led to the exposure of employee data. Meyer discovered an external hack to their employee database system, but is yet to confirm the number of employees impacted and the extent of the data breach.
The Kitchenware data breach is yet another reminder that employers need to take action in order to protect their employees from having their critical information stolen.
The solution to preventing incidents like this is two fold: training and technology. Training plays a vital role in any rounded approach to cybersecurity by arming as many users as possible to be alert to risks and follow best practices. The problem is, much of these training efforts are little more than an exercise in box ticking, covering the basics with employers then assuming their staff will remember what they need to do on every single occasion in the future when they are exposed to risk.
People should understand that protecting their organisation from the impact of a security breach isn’t just about always applying every element of their training on every single occasion, it’s also about raising the alarm if a breach may have occurred without fear of punishment. Whether they are right or wrong, employees should be encouraged to always raise the alarm if something doesn’t feel right.
On the technology side, taking a proactive, zero trust (never trust/always verify) approach to cybersecurity and having the measures in place to prevent attacks from penetrating your systems is critical. It’s also far more efficient and cost-effective than relying solely on your employees.
The Kitchenware data breach is yet another reminder that employers need to take action in order to protect their employees from having their critical information stolen.
The solution to preventing incidents like this is two fold: training and technology. Training plays a vital role in any rounded approach to cybersecurity by arming as many users as possible to be alert to risks and follow best practices. The problem is, much of these training efforts are little more than an exercise in box ticking, covering the basics with employers then assuming their staff will remember what they need to do on every single occasion in the future when they are exposed to risk.
People should understand that protecting their organisation from the impact of a security breach isn’t just about always applying every element of their training on every single occasion, it’s also about raising the alarm if a breach may have occurred without fear of punishment. Whether they are right or wrong, employees should be encouraged to always raise the alarm if something doesn’t feel right.
On the technology side, taking a proactive, zero trust (never trust/always verify) approach to cybersecurity and having the measures in place to prevent attacks from penetrating your systems is critical. It’s also far more efficient and cost-effective than relying solely on your employees.