- Employee awareness
- 6 min read
Of course you are, so I guess the real question is – are your employees ready to respond to the risks and threats they face in our ever-evolving information and cybersecurity landscape?
Are your employees up to speed with how the threat landscape is evolving? Do they know the difference between a business email compromise (BEC) attack and a phishing scam? Do they know how their actions could lead to a ransomware attack? Are they aware of how valuable their login credentials are?
While cybercriminals continue to focus heavily on credential harvesting, the methods they use to steal these credentials are constantly evolving. From phishing attacks to exploiting vulnerabilities in web applications, these cybercriminals have lots of tricks up their sleeves.
And it’s not just credentials they are after – BEC attacks, where cybercriminals pose as senior executives to trick employees into making immediate bank transfers, continue to rise.
""
Ransomware attacks are also in the daily news, and known APTs, such as FIN11, are said to have switched to ransomware as their first line of attack, due to how successful this attack vector is proving.
Another consideration within our threat landscape is the widespread adoption of remote working, spurred on by the global pandemic. Employees working from home may be less likely to apply cybersecurity training and information security policies, making companies more vulnerable to cyber attacks.
Technological advances, such as the rise in sophisticated deepfakes and the creation of new malware, also place extra pressure on our employees – although we should never underestimate the damage done by a single click of a link in a phishing email.
But there is an opportunity on the horizon. October is fast approaching, and with that comes Cyber Security Month 2021 (CSM21). This is often recognised as an opportunity to focus on a variety of cybersecurity topics during this four-week period.
CSM21's objective of changing the perception of cyber threats through education and good practice sharing lends itself well to your cybersecurity programme. The 'noise' around CSM21 raises awareness among the very people you are encouraging to be better cyber citizens. Many cybersecurity professionals take full advantage. CSM21 can be used used to launch new awareness campaigns or highlight a particular aspect of your cybersecurity programme.
If you would like to discuss your plans for CSM21, please do get in touch.
Additionally, if you want ideas on what to deliver, we have 15 different products available on the topics of the evolution of threats, password compromise, BEC and ransomware attacks. The products include animated and static infographics, GIFs, games and facilitated team activities. You can find out all the details here or alternatively contact Jenny Mandley or your TSC Client Project Manager.
© The Security Company (International) Limited 2023
Office One, 1 Coldbath Square, London, EC1R 5HL, UK
Company registration No: 3703393
VAT No: 385 8337 51