You Are the Tip of the Spear

October is Cybersecurity Awareness Month and this week’s theme is Cybersecurity in the Workplace is Everyone’s Business.

Has anyone from your company’s IT department asked you to join the cybersecurity staff?  No?  Well consider yourself invited.

Cybersecurity has become an critically important part of computer and network operations, but frankly, no company can afford to hire all the information security professionals that it needs.  And that is if they can find anyone to hire at all.  Unemployment in cybersecurity is currently running at NEGATIVE 15%.  That means that 15% of these jobs go unfilled because there are not enough trained professionals.  It can take six months or more to fill an open position.

But my invitation was not to actually join us in the cybersecurity profession.  It is more like an invitation to join the Civil Defense, Home Guard or Volunteer Fire Department.  I am asking you to put in a little extra effort and think a bit like a security pro.  I am asking you to learn a few things and start a few new behaviors.  Simple things like not clicking on every email link and opening every email attachment.

Most of us are pretty cleaver when it comes to our physical security.  We know where the dodgy neighborhoods are and avoid them.  We lock our doors at night.  We lock our cars.  We look both ways when crossing the street.  We are careful not to flash huge wads of cash about.

Virtual and online security are not much different.

  • Stay our of “bad neighborhoods” online by learning how to spot a fake email from the sender address or a dodgy website from the web address (URL or domain name).  Plenty of great articles on this subject on my blog, so just search.
  • Lock your doors by creating longer passwords and coupling them with a two-factor authentication app.
  • Look “both ways” for unusual traffic coming into or leaving your network via the Internet connection.  This could be the sign of a ransomware installation or data exfiltration operation.
  • Keep your money safe by protecting your business email account and bank account from hijacking.  Watch for fraudulent wire transfer activity that may start with an email.
  • When in doubt, call IT.  Most information technology professionals would rather deal with a question before it becomes a problem, rather than clean up the mess after it is a problem.

Without the help and vigilance of every employee, the task of securing the company is impossible. Cybersecurity breaches and network disruptions affect all employees.  If the attack is big enough, it can put a company out of business and can put our jobs at risk.  This is how Cybersecurity in the Workplace is Everyone’s Business.

 

0

About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Senior Cybersecurity Engineer at Computer Integration Technologies, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.

Add a Comment