October is Cybersecurity Awareness Month and this week’s theme is Cybersecurity in the Workplace is Everyone’s Business.
Has anyone from your company’s IT department asked you to join the cybersecurity staff? No? Well consider yourself invited.
Cybersecurity has become an critically important part of computer and network operations, but frankly, no company can afford to hire all the information security professionals that it needs. And that is if they can find anyone to hire at all. Unemployment in cybersecurity is currently running at NEGATIVE 15%. That means that 15% of these jobs go unfilled because there are not enough trained professionals. It can take six months or more to fill an open position.
But my invitation was not to actually join us in the cybersecurity profession. It is more like an invitation to join the Civil Defense, Home Guard or Volunteer Fire Department. I am asking you to put in a little extra effort and think a bit like a security pro. I am asking you to learn a few things and start a few new behaviors. Simple things like not clicking on every email link and opening every email attachment.
Most of us are pretty cleaver when it comes to our physical security. We know where the dodgy neighborhoods are and avoid them. We lock our doors at night. We lock our cars. We look both ways when crossing the street. We are careful not to flash huge wads of cash about.
Virtual and online security are not much different.
- Stay our of “bad neighborhoods” online by learning how to spot a fake email from the sender address or a dodgy website from the web address (URL or domain name). Plenty of great articles on this subject on my blog, so just search.
- Lock your doors by creating longer passwords and coupling them with a two-factor authentication app.
- Look “both ways” for unusual traffic coming into or leaving your network via the Internet connection. This could be the sign of a ransomware installation or data exfiltration operation.
- Keep your money safe by protecting your business email account and bank account from hijacking. Watch for fraudulent wire transfer activity that may start with an email.
- When in doubt, call IT. Most information technology professionals would rather deal with a question before it becomes a problem, rather than clean up the mess after it is a problem.
Without the help and vigilance of every employee, the task of securing the company is impossible. Cybersecurity breaches and network disruptions affect all employees. If the attack is big enough, it can put a company out of business and can put our jobs at risk. This is how Cybersecurity in the Workplace is Everyone’s Business.
Share
OCT
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com