Cyber Security: Its Good To Talk

The future of cyber security for all organisations lies in a more proactive approach with management and employees. A proactive security approach is designed to prevent attacks rather than react after an attack has happened. The days of waiting for an attack to be detected, then taking steps to quarantine it have passed. 

Encouraging discussion around the threats people have faced can go a long way to helping others becoming more aware of what to look out for, and to avoid falling victim to cyber criminals themselves.

Phishing is one of the common attacks and is where cyber criminals ‘fish’ for personal data by sending you emails or social media messages that look like they’re from a legitimate sender or business. Punishing people for falling for phishing attacks isn't going to help anyone with cyber security, but showing empathy and being open to mistakes can help people learn how to stay safe online. The best way to approach keeping people safe from online threats is to talk about misjudgments and errors, and to do so in a way that lets them understand that almost everyone has made a cyber security mistake at some point.

Even the most seasoned information security professional will have made mistakes at some point, so it isn't right that everyone else should be chastised or even punished if they click on a phishing link, whether for real or during a company phishing test. It's not unusual for companies to attempt to run cyber security awareness campaigns around shame and fear by punishing or embarrassing employees who fail a phishing test, but often this doesn't help people get to grips with what, for many, is a subject that's still difficult to understand.

If anything, people should be encouraged to talk about the online security mistakes they've made, because not only could it help others be more aware of potential cyber threats, it demonstrates how everyone can make mistakes and that there's nothing for people to be ashamed of if they do fall victim to phishing, social engineering or other forms of attack.

The Dept. of Computer Science and Center for Information Technology Policy at Princeton University conducted a study assessing the security and privacy risks of phone number recycling by mobile characters in the United States. Such a risk could pose a threat to many users, as every time you change your mobile number, your carrier will recycle your previous number. They 'recycle' the number by assigning it to a new phone and corresponding customer. The problem arises when these recycled phone numbers end up granting new customers access to the private information of previous phone users.  In the hands of a new customer who decides to hack into a phone, a recycled telephone number could pose untellable security risks for many users.

Protections may be taken for granted by members of staff when they were at the company premises, and they may not take the required precautions to remain safe when working remotely.

There are many challenges facing businesses in 2021, but unfortunately, we have to count cyber security as one of the most significant amongst them. Your organisation should be doing everything possible to mitigate these risks and find ways to prevent weaknesses and vulnerabilities in your IT systems.

Princeton University:      TechXplore:      CPO Magazine:        ZDNet:      Hermes:      IFSec Global:

You Might Also Read: 

Get The Best Cyber Security Audits & Training In 2021:

 

« Preventing Ransomware Attacks
Online Fraud Costs British Investors £63m »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

NXP Semiconductors

NXP Semiconductors

NXP is a world leader in secure connectivity solutions for embedded applications and the Internet of Things.

Verimuchme

Verimuchme

Verimuchme is a digital wallet and exchange platform to secure, verify and re-use personal information.

National Cyber Security Centre (NCSC) - Netherlands

National Cyber Security Centre (NCSC) - Netherlands

NCSC Netherlands coordinates enhancing the cyber resilience of the Netherlands in the digital domain.

Claroty

Claroty

Claroty was conceived to secure and optimize OT networks that run the world’s most critical infrastructures.

SecureKey Technologies

SecureKey Technologies

SecureKey is a leading identity and authentication provider that simplifies consumer access to online services and applications.

The Cyber Security Expert

The Cyber Security Expert

The Cyber Security Expert delivers cyber security consultancy, website and cloud security monitoring services, and specialist training services.

InFyra

InFyra

InFyra is an IoT & Telecoms specialist consultancy, with extensive global and local experience in business and technology strategy, networks and solutions development.

36 Group

36 Group

36 Group's criminal law team, has the experience and specialist knowledge to conduct effectively trials heavily concerned with the growing phenomenon of Cybercrime.

WebSec B.V.

WebSec B.V.

WebSec is a Dutch Cybersecurity firm mainly focused on offensive security services such as pentesting, red teaming and security awareness and phishing campaigns.

ITTAS

ITTAS

ITTAS is a multidisciplinary company specializing in information security and software and hardware protection software.

Real Protect

Real Protect

Real Protect is a Brazilian provider of managed security (MSS) and cyber defense services.

1Password

1Password

1Password combines industry-leading security with award-winning design to bring private, secure, and user-friendly password management to everyone.

NASK

NASK

NASK is a National Research Institute under the supervision of the Chancellery of the Prime Minister of Poland. Our key activities involve ensuring security online.

Cybersecurity Dubai

Cybersecurity Dubai

Protect your business from cyber-attacks with Cybersecurity Dubai, your partner in online security solutions.

HLB System Solutions

HLB System Solutions

HLB System Solutions: Empowering businesses with proactive IT management, consulting, security, and cloud solutions. Seamless tech for growth!

Icon Information Systems (ICONIS)

Icon Information Systems (ICONIS)

ICONIS is an integrated infrastructure and service provider, offering unified Information Technology (IT) solutions globally.