Gartner observed: "Rapid responses to the coronavirus pandemic leave organizations vulnerable to security breaches. Security and risk teams must remain vigilant and focus on strategic areas. They have a section for each of these 7 areas, and the third one is quoted below because it's relevant to building your human firewall.
- Ensure that the organization’s incident response protocols reflect the altered operating conditions and are tested early
- Ensure that all remote access capabilities are tested and secure and endpoints used by workers are patched
- Reinforce the need for remote workers to remain vigilant to socially engineered attacks
- Ensure security monitoring capabilities are tuned to have visibility of the expanded operating environment
- Engage with security services vendors to evaluate impacts to the security supply chain
- Account for cyber-physical systems security challenges
- Don’t forget employee information and privacy
Specifically, Focus Area 3: Reinforce the need for remote workers to remain vigilant to socially engineered attacks, we are quoting Gartner:
"The reality is that employees will have more distractions than usual, whether it’s having kids at home, worrying about family or concerns about their own health. They’re also operating in a different environment, and might not be as vigilant about security during a time where cybercriminals will exploit the chaos.
"Make sure you reach out to senior leaders with examples of target phishing attacks, and alert employees to the escalating cyberthreat environment. Remind them that they must remain focused and hypervigilant to suspicious activities.
"If appropriate, send out reminders every two weeks and remind them of the location of pertinent documents such as remote and mobile working policies, as well as where they can access security awareness training material if they want a refresher. Further, clearly communicate who to contact and what to do if employees suspect a cyberattack."
We could not agree more! KnowBe4 has a new, free, 15-min training module published as a Public Service Announcement how to stay safe working from the house that anyone in the world can step through.
New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your quote for KnowBe4's security awareness training and simulated phishing platform and find out how affordable this is!
