Linked: How to build a culture of cybersecurity
|

Linked: How to build a culture of cybersecurity

ByMike McBride Reading Time: 1 minute

This is the one thing I’ve talked about before when it comes to where we might fall short on our cybersecurity training, we don’t really hold anyone accountable.

Make cybersecurity part of formal employee evaluation. Give people a reason to care. Much like I talked a couple of weeks ago about creating a training culture, provide a way for people to learn more and to learn from others. Give them space and time to talk about security. Recommend they read some security blogs, meet to share stories about the latest phishing information out there, etc.

Linked: 8-Character Passwords Can Be Cracked in Less than 60 Minutes
|

Linked: 8-Character Passwords Can Be Cracked in Less than 60 Minutes

ByMike McBride Reading Time: 1 minute

So, best practices?

– use complex passwords.
– use each complex password on exactly one website. (Do NOT reuse).
– use a password manager to keep track of all those passwords.
– Use multi-factor authentication when available, as an extra step beyond your password.

Linked: Hackers slip into Microsoft Teams chats to distribute malware
| |

Linked: Hackers slip into Microsoft Teams chats to distribute malware

ByMike McBride Reading Time: 1 minute

This makes sense. How often do your coworkers send you something in a Teams chat and you simply click on it? Have you considered the possibility that it wasn’t actually your coworker but someone who was able to gain access to their account?

Linked: Malicious QR Codes – The Digital Slip & Fall
|

Linked: Malicious QR Codes – The Digital Slip & Fall

ByMike McBride Reading Time: 1 minute

Sarah makes a valid point. Sure, during the COVID pandemic it’s nice that you can go into a restaurant and scan a QR code to view the menu instead of handling physical menus. I worked in a restaurant kitchen in college, I know how nasty some menus can get. On the other hand, are we teaching people to trust something they shouldn’t trust?

Linked: Large-scale phishing study shows who bites the bait more often
|

Linked: Large-scale phishing study shows who bites the bait more often

ByMike McBride Reading Time: 2 minutes

They had some interesting findings on gender (doesn’t matter) and age (young and older employees seemed more likely), but this is one that I think impacts a lot of what we do when it comes to protecting against phishing:

“An interesting finding in the ETH study is that employees who are continuously exposed to phishing eventually fall for it, as 32.1% of the study participants clicked on at least one dangerous link or attachment.”

Linked: Everyone is burned out. That’s becoming a security nightmare
|

Linked: Everyone is burned out. That’s becoming a security nightmare

ByMike McBride Reading Time: 1 minute

OK fine, my near-weekly encouragement to see your employees as human beings first, and look out for them as human beings haven’t convinced you that burnout is a problem for your business. How about the fact that tired, burned-out employees eventually just check out and create a security nightmare?