Cyber Security Awareness

Make Cyber Security Awareness a Focus for 2023

SHARE

Consider the following statistics. Cybercrime increased 600 percent during the pandemic, and 95 percent of cyber incidents occur due to human error. Cyber threats have grown in number and sophistication, and thus cyber security awareness must also move to the next level. Forward thinking organizations will make this a priority for 2023.

During cyber security awareness month, the Cybersecurity and Infrastructure Security Agency (CISA) emphasized four key habits to encourage in your staff:

  • Think before you click (recognize and report phishing)
  • Keep software up to date
  • Use strong passwords
  • Enable multi-factor authentication (MFA)

Recognize and Report Phishing

For years, cyber criminals have used phishing to capture sensitive information or gain unauthorized access. Phishing, a common form of social engineering, involves a bad actor sending a seemingly trustworthy email. The email might prompt the victim to reply with sensitive information. Or it might include a link to a phony website or malicious file.

To protect against phishing attacks, organizations can and should use anti-virus and anti-malware programs, firewalls, and email filters. However, even with the best technology, phishing attacks will happen. Thus, the best defense lies in empowering cyber aware employees who recognize, report, and respond appropriately to phishing attempts.

Train every employee to recognize the signs of phishing. These can include a generic greeting or subject, spelling or grammar errors, a sense of urgency and unusual requests for confidential information or money. Employees should also know how to spot potentially fake email or website addresses. And they should know how to report suspicious activity.

To cement security awareness training, bring it home with phishing simulations. In a simulation, users periodically receive emails that mimic a phishing email but do not pose any real danger. Administrators track the emails and responses to determine the effectiveness of training and provide any necessary follow up.

Cyber Security Awareness

Apply Software Updates Promptly

Any given computer, laptop or mobile device contains dozens, even hundreds, of software programs. These include not only the productivity apps like word processing but also device drivers, audio players, anti-virus programs, operating systems, and web browsers.

Periodically, software vendors will release updates to their programs. And all too often users and companies delay installing these updates. This introduces a significant security risk, as one common purpose for updates includes patching security vulnerabilities. Hackers keep an eye on vulnerability reports, and they will exploit them.

Organizations should take time to implement a patch management program. This will involve taking an inventory of all assets and security systems and creating a timeline and process for installing patches on a regular basis.

Manage Passwords and PINs

Over 60 percent of data breaches involve stolen or weak credentials (username and password). For instance, if hackers can gain the credentials for a highly privileged user, they can steal data or create havoc in the system. Consequently, companies need to create and enforce strong password policies.

As a rule, passwords should not include actual words, nor should they include numbers in a sequence. Create a long password with a combination of upper-case and lower-case letters, numbers, and symbols. To make things easier and safer, consider using a password manager with a built-in random password generator.

IT departments and other users with high-level access need to be particularly careful. Be sure to change default passwords. And never share or reuse passwords.

Enable MFA

Passwords alone will not provide sufficient protection. However, statistics from both Microsoft and Google show that using MFA as an additional security layer can thwart nearly 100 percent of automated attacks.

When implementing MFA, implement across the entire organization to avoid leaving doors open for hackers. And, because the success of an MFA program depends on user experience, make usability a priority. Educate end users and give them choices of what authentication factors to use, whether biometrics, an authentication app, or some other factor.

Make Cyber Security Awareness Integral to Company Culture

To prove effective, cyber security awareness requires a deliberate, multi-faceted approach. When consistently and properly educated about security threats and security best practices, your users can become your best defense.

eMazzanti stands ready to help, with educational materials, free security assessments and a full menu of cyber security tools and services.

Download Article PDF

MXINSPECT Email Defense

Complete Defense Against Today’s Email Threats

Multi-Factor Authentication

Passwords are no longer enough.

Security Awareness Training

Reduce phishing attacks and malware infections.

UPCOMING VIRTUAL EVENTS

Demystifying Cyber Security for SMBs

sb-cyber-security-master-class

The continually changing threat landscape requires us to update best practices and add new concepts to keep your organization safe.

SESSION 4: Cyber Security Strategy
Watch On-Demand

SESSION 5: Cyber Insurance & MFA
Watch On-Demand

SESSION 6: Threat Detection | JAN. 15

Microsoft Copilot
Master Class Workshop

sb-microsoft-copilot-master-class

eMazzanti will host 60-minute Master Classes, that speak to how AI can help your business streamline and grow.

In each session, you will have Artificial Intelligence and Automation explained, view a live demo of Copilot, and see it live in action in a dynamic format.

RESOURCES

Cyber Security Awareness Hub

sb-Cyber-Security-Awareness-Hub

Cyber Security Awareness Kit, designed to be delivered to your team in bitesize chunks.

We are sharing the resources and highlighting services your organization needs, covering everything from multifactor authentication to software updates, showing your users just how easy it is to improve their security posture.

Resource Library

sb-resource-library

Insights to help you do what you do better, faster and more profitably.

> Tips to Stay Protected Against Phishing Attacks

> Understanding Ransomware 

> The 6 Known Wi-Fi Threat Categories Targeting Your Business and How to Defend Against Them

> Practical Advice for Avoiding Phishing Emails

Recent Articles

NEWSLETTER

Categories