Building a cyber-aware culture should be a part of a long-term IT security strategy – in any company. In reality, however, companies often do not go beyond some form of basic cybersecurity training for employees. Of course, it's not possible to build such a culture in a day. But where should you start?
Cybersecurity education could be compared to taking an exam. You learn something to prepare for the test, but if you don't use that knowledge again for a long time, you forget it. This is often the case with cybersecurity training for employees, which takes place once or twice a year. Education should be an ongoing process for best results.
You have probably heard about social engineering – psychologically manipulating people into involuntarily revealing sensitive information. Let's take a look at impersonation, another non-technical attack technique used by cybercriminals to pretend to be trustworthy people while trying to manipulate others (e.g., to order and approve fraudulent transactions). How do you recognize when you are contacted by a cybercriminal instead of your colleague?
Cloud storage is quickly and easily accessible from almost any digital device with an internet connection. It's no wonder that this solution has become so popular among many companies. However, it can also pose a risk to your cybersecurity. Let's take a look at how to protect cloud storage on one of the most popular cloud storage providers – Google Drive.
Humans are emotional beings, and social engineering is a very effective way to take advantage of that. What’s more, social engineering attacks such as phishing or spreading malicious links don’t usually require highly specific technical skills on the side of the attacker. Forcing thousands of users to give up sensitive information or perform harmful actions has so far proven to be rather easy! Don’t be fooled – even when your business is small, you might still become a target.
Blackmail is a common practice among cybercriminals. Although most of the threats are usually fake, many employees lack enough knowledge and are easily taken in. Therefore, it’s crucial to constantly raise awareness and talk about online scams – including sextortion.
The COVID-19 lockdowns forced millions of people to work from home. With skyrocketing numbers of users, video meeting programs like Zoom almost immediately became the target of hackers.
Computers, mobile phones, printers, tablets and other smart gadgets. Servers, emails, social and Wi-Fi networks. Digital assets and smart devices have become an indispensable part of most companies. Want to stay one step ahead of cybercriminals? Find out which of these might be your weak point. All you need is a cyber risk assessment.
Passwords were once reserved for secret agents and their criminal counterparts. These days, everybody uses passwords. In fact, most of us have too many to keep up with, which is why we often recycle the same ones for multiple purposes. But, only people in positions of power really need to worry about passwords, right?
Your employees have probably already received emails that appear to come from a bank or other popular online service, requesting that they “confirm” their account credentials or credit card number. This is a common phishing technique. Unfortunately, during the COVID-19 pandemic, we’ve seen once again that phishing lures are constantly changing – and they’re sometimes hard to recognize.