[ad_1]
A woman working in an office looking at her computer with concern. Getty Images/Million Hours
It’s October, so it’s that time of year again. No, it’s not Halloween. This is Cybersecurity Awareness Month meant to remind you how important it is to be aware of cybersecurity threats.
Things to know about phishing attacks, the importance of using strong passwords, or using multi-factor authentication (MFA) if your organization uses it You may have been alerted by HR about the most common cybersecurity issues with in place.
Whether at work or in all aspects of daily life, it’s good to provide people with useful advice on how to stay safe online.When new security flaws are discovered, vendors fix them before hackers can exploit them. There is a constant race between software companies and hackers to see if they can do it. But even just providing some basic advice on how to protect yourself from an attack can go a long way in stopping a breach.
And, of course, cybersecurity awareness is not something that can be pointed out one month a year, especially a few months ahead. Nor does the way some companies choose to use fear to make people aware of cybersecurity.
For many organizations, users are the first and often last line of defense against cyberattacks. But not being properly informed about what it means to be safe online can leave everyone vulnerable.
Indeed, if someone clicked on a compelling phishing link that claimed to require a password to view the content, or if someone downloaded what they believed was a legitimate attachment. , Trojan horse malware can cause big problems if it contains a backdoor. for their organization.
The “urgent” request from your boss is actually a Business Email Compromise (BEC) attack used to steal your money, or someone hacked your account and you need to follow a link to restore it. Contains false alerts. A link that actually steals the password. Scammers use lures based on cost of living crises to trick people into becoming victims of their attacks.
Also: Want to improve your cybersecurity? Here are 10 steps to improve your defenses today.
For many professionals, opening email attachments and clicking on links is part of the job, even from unknown senders. And there are so many of them that eventually something slips through.
Cybersecurity Month is certainly a good start, but both your cybersecurity team and your executive team need to ensure that helpful advice and support is available all year round. And the focus on cybersecurity needs to reach or start with the board of directors.
Also: The biggest cybercrime threat has little to do with technology
Also, remember that creating mistrust with misleading phishing tests, or blaming victims for failing tests, doesn’t help anyone.
In a recent interview with ZDNET, Google’s red team leader said it’s okay to blame victims when testing security. For them, security is as offensive as a malicious hacker. When he conducts tests, it’s not about who clicks a link, but what works and how to prevent attackers from leveraging the same exploits. to find out.
There are lessons to be learned about how to practice cybersecurity awareness. It’s about making sure your employees are aware of the threats out there and are protected from them.
But it has to be done with empathy – pointing out blame doesn’t help anyone. If you worry about not mentioning it, it can mean big problems for your organization.
You can’t scare people into being aware of cybersecurity issues for one month of the year, but providing guidance and advice all year round will improve cybersecurity for everyone.
ZDNET’s Monday Opener
ZDNet’s Monday Opener is the first technology article of the week written by a member of our editorial team.
Previously at ZDNET’s Monday opener:
[ad_2]
Source link
