October marks the 18th year that the United States Government has recognized the ever-growing need for cyber security awareness among the nation by dubbing this month “Cyber Security Awareness Month.” Why would the federal government have a vested interest in cyber security? Over the last twenty or so years, Americans have been doing more business, socialization, and communication of sensitive information over the internet. When security measures are low, Americans are affected financially, emotionally, and even legally sometimes. So this month is an excellent time to refresh your knowledge regarding security measures in the big world of the internet. As of 2021, 76% of American businesses have been affected by a cybersecurity attack, so grab a pencil and let’s get to work on our cyber security skills.
Whether you’re a business owner or employee, take some time to brush up on these skills. You might impress your IT Director by bringing up these points in the next weekly meeting. These tips will assist you and your business to stay on top of security measures:
Practice Phishing Fire Drills
As sneaky as it may seem, have the IT Director send out a “test phish” to all employees and see if anyone takes the bait. Send a data-capturing link to see who opened the mysteriously labeled link. Don’t publicly embarrass employees, but do require those that clicked the link to attend mandatory training on phishing and its potential effects on businesses. Sound a little harsh? Well, if your employees do accidentally and unknowingly participate in a real phishing scam, your company could be out thousands of dollars on recovery efforts. It’s worth training and a security refresher for those that were a little too trusting.
Require Password Changes with Strong Limitations
Employees WILL groan about this one, and we get it. It’s easy to remember “Fluffy123” vs. something like “Ex’cv5_djJ?7” because it rolls off the tongue a bit smoother. But easy passwords mean hackers can easily break into corporate systems and servers, leading to several deeper issues. Once the initial password stage is breached, hackers have access to digital information that can be subject to ransomware attacks, costing thousands or more for the company. Require a password change every six months, and try to reiterate the importance of lessening the sting.
Use MFA When Possible
Multi-Factor Authentication can also seem to be a pain in your employee’s rears; however, it’s just one extra cautionary step to stopping hackers from breaching the system. In addition, most businesses work off platforms that allow MFA, so consider having a contest where the more employees that sign up for MFA can be entered to win a gift card or prize. Yes, they will have to click an extra button or answer an additional text, but the reward of protecting sensitive information is so great that it can be worth the trouble.
Teach them the Art of Voice and Tone
One of the easiest ways to teach a vital cybersecurity tip to employees is to recognize their colleagues’ and executives’ voices and tone. Hackers will often use the CEO or COO’s email address to send to employees because they are likely to respond quickly and not irritate the executive. But does the CEO generally end emails with “Kind Regards?” Probably not. This is not a sure-fire way of detecting fraudulent activity, but employees should be made aware that an executive will never ask them to buy Apple gift cards over an email. Instead, employees should have an open communication line to the IT department to report any suspicious activity safely and effectively.
In case you missed it, check out our latest blog “Does Your Company Need Systems Breakdown Insurance?” to see how your company could save millions of dollars by securing your business’ system.
