Are your employees up to date on their security awareness?

Cyberwarfare is a part of a new reality as evidenced by the distributed denial-of-service (DDoS) attacks targeting the websites of the Ukrainian defence ministry, army, and two of the country’s largest banks several days before the Russian invasion. These were the most significant attacks of this kind the country has ever faced, according to government officials.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issuance of a “Shields Up” alert for all organizations, means adopting a “heightened posture when it comes to cybersecurity and protecting their most critical assets.” In an era of cyberwarfare, companies are often the first line of defence against cyberattacks that could cripple critical infrastructure and devastate many other sectors. We are sharing this pertinent reminder for our customers to ensure their employees are up to date on their security awareness. 

Some critical points to help your organisation and employees:

  1. Confirm the authenticity of digital communications, especially if they contain sensitive information. This can be done by reaching out directly to the sender, watching for abnormalities (such as misspellings, strange domain names, etc.), and cross-checking contact information with legitimate websites and records.
  2. Establish incident reporting mechanisms and don’t penalize employees for being transparent. Companies should incentivize open communication from employees about potential cyberattacks, even in cases where those employees may be at fault.
  3. Continually inform employees about the risks of working remotely and personal devices. Home networks are often more vulnerable to cyberattacks than office networks. The risks are even greater when employees work in coffee shops, airports, and other public places, which is why they should always use a VPN and understand physical device security.
  4. Facilitate cooperation between departments and teams. From reporting mechanisms to cybersecurity standards, your approach to data security, incident response, and all other elements of your cyber defences should be integrated across the company.
  5. Empower your employees to protect themselves and the company. Headlines about Russian cyberwarfare, large-scale breaches, and so on can be demoralizing and intimidating. Companies should remind employees that they have the power to drastically reduce the risk of a successful cyberattack.

Awareness for every end-user at work, home, and school is a critical level of defence that we cannot ignore. If there is anything we can do to share additional insights please don’t hesitate to let us know.

Malcom Dale, Director
"You can really rely on Think I.T. The whole team is responsive and proactive. For us, they are not just a technology provider but also our expert advisers, giving us professional, informed advice even where the best solutions aren't necessarily in their own interests."

Malcom Dale, Director
gardyneHOLT design partners
10-20 users, Think I.T client since 2000

Blog

4 Action Steps to Prepare your Business for the upcoming Privacy Act Changes

With NZ privacy laws changing and the revised Privacy Act coming into play on the 1st December 2020, make sure your business is prepared. To ensure you have the knowledge to stay on top of this, we have put together four action steps you can take now, to prepare for these changes.   1. Client Information and Data Storage   It is...  more...