31 Mar Security Awareness Recap
Thank you for following along this month as we talk about security awareness. We want to be able provide your company with the best knowledge and technologies to empower your users to be the first line of defense for your company. We hope that you have found these articles helpful and informative. We covered several hot topics within the security space. Let’s recap them below:
The launched of the New Security Awareness & Training Program
Our new Security Awareness & Training goes beyond a typical training software program. We provide a hands-on approach to personalize the training to fit your company’s needs. The program includes in-person training sessions and security assessments with our experienced technicians.
Without the proper training in place for your employees, it could cost your company more than money, but your reputation. Abacus Technologies is here to give you the tools to secure your technology and empower your users to protect your business. We believe that by having the right tools in place will save you money and provide you with peace of mind.
If you would like to know more information about this service, please contact us to get your customized assessemnet!
Data Breaches on the Rise During Tax Season
Phishing scams related to taxes not being filed, unexpected refunds, changes to banking details, or huge tax bills are enough to get unsuspecting users to click on malicious links or attachments. Opening these types of emails on a company’s network opens the door for cybercriminals gain further access to endpoints, servers, applications, and data within the corporate network.
Below are four procedures to help protect your business:
- Use Two-Factor Authentication – this step makes it very difficult for attackers to leverage stolen credentials.
- Educate Employees – Organizations engaging in Security Awareness Training create a security culture where employees become security-minded when interacting with the web and email.
- Put Checks and Balances in Place – Specifically around any request to change banking details or to issue checks/wire transfers/etc. Via email, organizations should have policies in place requiring a phone call before processing the request.
- Have a Response Plan – Knowing what you’ll do should the organization experience a data breach or ransomware attack will help to lessen the damage done.
How Weak are Your Passwords
According to the report, 51% reuse the same password across business and personal accounts. The means multiple privileged accounts within the organization use the same password, simplifying the hacker’s job of compromising additional credentials.
Whether a password policy is in place or not, organizations need to create a security culture where users are aware of how reusing passwords puts the organization at risk. Using Security Awareness Training, users can be taught why passwords uniqueness, complexity, and safeguarding are essential. Thus, helping the organization move towards a security culture.
Don’t Fall for the Email Subject Headlines
We get thousands of spam emails every year, and each year scammers are getting more and more sophisticated with the emails that they are sending. So well in fact, that it is getting harder to tell the difference between a legitimate email and a phishing email.
New Form of Phishing to Look Out for
Phishing is moving beyond the email to your online presence to collect personal details to attack you on social networks.
In a world where millennials have grown up with a device in their hand, inherently trusting everything they interact with on the web, cybercriminals are meeting victims where they are online, using a new type of phishing attack that gets the user to give up personal details.
Protection Against Phishing Attacks
Employee’s not mindful of the existence of email-based phishing attacks can be easily fooled with emails promising free gifts, package deliveries, problems with banking transactions, documents to sign, or CEO impersonation. These types of phishing emails highlight how vulnerable an organization’s security is, and how they rely on the user to ensure security.
To get ahead of these attacks, Companies need to test users by sending stimulated phishing emails regularly. This allows organizations to identify users that put the organization at risk. Our new Security Awareness Program includes a phishing stimulator software that we can customize to fit your company’s needs when it comes to testing employees.