No Phishing

Linked – With Increased Cybersecurity Awareness, Why Does Phishing Still Work?

This is probably the biggest reason, but I think this is complicated by the workplace culture.

“People under constant pressure don’t have as much time and may not feel clear-headed enough to accurately judge what constitutes legitimate communication versus a phishing scam. That can compromise data integrity in more ways than phishing attacks.”

A while back, I wrote about the challenge with law firms specifically, where no one says no to the senior partners. That makes phishing a little easier when you can spoof the managing partner’s email, for example. Suddenly that request to transfer money, reset a password, etc. becomes a question not of best practices, but of who feels comfortable saying no, or demanding more information.

I know plenty of you have had managers and high-level executives who you didn’t want to question, ever.

You have to create a culture where everyone is expected to verify information before acting, even when it’s coming from the CEO or Managing Partner.

What are you doing to create an environment where your people feel free to take the time necessary to evaluate the difference between a scam and legitimate communication, and to question authority in order to get more information?

