When the holiday season approaches, there are mixed feelings for those executives who know what this means for the security risks their business will face.  There’s a rise in phishing emails, malware hidden on website ads that are just waiting for employees to click on them, and the new digital devices that arrive in high numbers right after Black Friday (or even before), Cyber Monday and all the way through Christmas to sometime after New Year.

 

CIOs and CISOs are well aware of this yearly threat; while CEOs may not know as much on the matter.  Luckily, the security industry is always looking for ways to help in this area.  McAfee recently announced this year’s most hackable gift list to help consumers identify the potential risks and their survey also looks at the habits and behaviors of consumers when receiving those hackable holiday gifts.

 

Before we look at the information from a business security perspective, let’s look at what consumers are doing based on the study.

Consumer holiday gift habits

  • 20% of consumers would buy a connected device with known security vulnerabilities.
  • Fewer than 30% of consumers think that devices like drones, VR headsets, fitness trackers and toys need to be secured.
  • More than half of consumers surveyed feel up-to-date on news surrounding security of connected devices.
  • 51% take precautions to secure their new connected device.
  • 36% of consumers are updating the software on their devices before they start using them (a slight increase compared to 2016, where only 32% of consumers did this).
  • 69% of consumers agree that security is a necessity for laptops, tablets and smartphones.
  • 91% of consumers claim that they know it is important to keep their online identity and devices safe, but only 53% take the necessary steps to implement protection.
  • 16% of consumers assume that the manufacturer has built security into the product, and another 22% know they need to put security precautions in place but don’t know how.

Consumer holiday gift security measures implemented for protection

  • 54% of consumers use a PIN to protect their devices.
  • 34% of consumers use a password manager.
  • 45% of consumers act on software update alerts.
  • 41% purchase antivirus software.

From a business security perspective, the devices that come in need to be set up to use according to a set up BYOD policy.  Even though employees are using PINs, password managers, and antivirus software that isn’t enough to protect the network.  The measures taken by consumers are only a first step, while in order for a CIO to have all eyes on vulnerabilities requires a second set of measures that are upheld within the office environment.

 

In addition to BYOD policies you want to talk about security risks like phishing emails, buying holiday gifts while on the company network or on a company device.  You also want to conduct a network assessment and set up alerts to identify newly connected devices ensuring you know what to look for as potential new vulnerabilities.  Lastly, since employees are the least trained on security measures, setting up a to do list for them to act can on, something easy to understand to ensure they implement the right security measures at all times with their new device.

 

If you have any concerns with holiday security risks and aren’t really sure where to start or how to go about implementing an effective posture, give us a call.

 

Our security experts are here to help you stay safe during the holidays and long after.  Schedule your free cybersecurity consultation today!

 

Photo courtesy of vchal