5 hot topics to include in your cybersecurity awareness program

You've heard me say this before, and I'm saying it again… your cybersecurity awareness program needs to be built with purpose. When you build your program with purpose, your program will be different from mine, Bill's, and Sally's.


BUT…

There are some topics that every cybersecurity awareness program needs to address, and I've got


5 HOT TOPICS YOU NEED TO INCLUDE IN YOUR PROGRAM

  • Building a culture of cybersecurity – it's YOUR responsibility
    • Cybersecurity isn't just my responsibility. It' isn't everyone else's responsibility. It's YOUR responsibility. Each person in your business makes a difference, and everyone needs to be invested in creating and maintaining a secure environment, and it starts with culture.
  • Humans are the key to defending your business
    • Tell your humans that they matter to you and why they matter.
  • Social engineering
    • Tell your humans what social engineering is, why it's being used, and how it's being used against them
  • Phishing Emails
    • Phishing emails are the #1 way attackers get into your business. If you're not talking phishing emails, then you've got a gap. Raising awareness is more than just sending phishing email tests to your employees. You need to talk about them, show them examples, and share how to catch that phish.
  • Passwords
    • Keep beating that dead horse. Tell them why passwords matter and the benefits of using a password keeper.


To learn more about social engineering register for my on-demand video training, Social Engineering: The Art of the Click.



Comments

Post a Comment

Popular posts from this blog

will the real slim shady please stand up?

Image
Let’s talk about phishing emails and impersonation. Hackers often use impersonation to get you to open their phishy emails. If the email is from someone you know you’re more likely to open it. For many years, Microsoft was the most impersonated company in phishing emails. It makes sense, I mean, what big business doesn’t use Microsoft? But there’s a new winner, and it’s DHL. In Q4 of 2021, DHL was the most impersonated company in phishing emails, thus dethroning Microsoft? Why the spike? Bad guys follow the money. Q4 means shopping, and with spikes in online shopping again last year, it only made sense that even more cherished Christmas presented would be shipped. How does it work? The attacker used a from name of ‘DHL Customer Support’ The Subject contains ‘DHL Shipment Confirmation…’ It works, because who doesn’t want to know where their package is?! Beware, DHL wasn’t the only shipping server that’s impersonated. FedEx entered the top 10 list as well. How can your cybersecurity awar
Read more

Cybersecurity Careers

Image
The theme for Week 2 of Cybersecurity Awareness Month is Explore. Experience. Share. (Cybersecurity Careers) Cybersecurity is one of the hottest sectors today, with new threats and challenges emerging daily. There is a huge push in the business and education sectors to attract individuals to a cybersecurity career. Are you or someone you know interested in joining this exciting workforce? Here are a few reasons to pursuing a career in cyber. Hot Job Market To say that the cybersecurity jobs market is hot is a vast understatement. According to the U.S. Bureau of Labor Statistics, the job market for information security analysts will grow by 32 percent by 2028 -- making it one of the fastest growing job sectors -- there will be 3.5 million unfilled cybersecurity jobs in 2021. This means that cybersecurity professionals are among the most in-demand around the world and will be for years to come. Infinite Room for Personal and Professional Growth Beyond the ability to get a cybersecurity j
Read more

WhisperGate - Why it's Different

Image
Have you heard of WhisperGate yet? It’s ransomware. But it’s not. Let me explain. First off, ransomware is typically categorized by the fact the files on your computer get encrypted and you can’t get to them until you pay the ransom. You pay the ransom, and then you’re supposed to get the decryption key to unlock your files. WhisperGate is playing by a different set of rules. WhisperGate tells you they’ve corrupted your hard drive and if you want to recover your files, you need to pay $10,000 to a bitcoin wallet. Seems like ransomware, right? Unfortunately, they never send you a decryption key, and while you’re sitting and waiting, they’re overwriting all of your data, so you can’t recover. YOU CAN’T RECOVER. This is NOT ransomware; this is destructive malware. There are two cybersecurity awareness opportunities here. First, share information about this ransomware message and let them know how and where to report this when they see it. Second, get together with your IT and disaster rec
Read more