Daily Buzz: Can You Identify Phishing Attacks?
Cyberattacks tend to ramp up in Q4, and many are due to human error. Invest in phishing training to protect your organization. Also: the next step on your cybersecurity to-do list.
Welcome to Q4! You made it. And as you finalize your end-of-year to-do list, may we suggest one more thing to add? Cyberattack training for your team.
“If Q4 isn’t stressful enough for organizations, cybercriminals will make sure it is,” writes Marjorie Valin on the Summit Business Technologies blog. “The near-constant occurrence of cyberattacks ramps up even more in advance of Halloween and the holiday shopping spree.”
Those attacks can include anything from network slowdowns and system lockouts to computer takeovers, inoperable systems, and exposed data—all things that not only keep you from hitting those end-of-year goals, but also have the potential to ruin your organization’s reputation and relationship with members.
And the truth is, research shows that about 95 percent of cyber breaches are due to human error. Nonsecure usernames and passwords play a role, but phishing is also a big culprit—which means your team needs to know how to identify potential threats.
“Hackers know that your people are your weakest link, unless you have immersed them in year-round security awareness training,” Valin says.
Not sure where to start? Try the Phish Quiz Challenge, offered by the security awareness service Phishgoggles as part of National Cybersecurity Awareness Month, to test your team’s phishing know-how. They might not get 100 percent—but that’s all the more reason to start a training program, right?
Be sure to check out our blog post featuring Summit Executive Vice President Gary Grabowski for more phishing tips.
After Training, What’s Next?
With phishing and cyberattack training in the works, what’s next on your cybersecurity to-do list? Take inventory.
“In order to protect its assets, an organization needs to first review what assets it has and who and what has access to the information,” says the Vocalmeet team on its blog. “This may involve making an inventory of every device, all software, and each user that is connected to the organization’s system. Perhaps most importantly, these inventories must be updated regularly.”
From there, organizations can build out a full cybersecurity plan. “Even the most basic plan can improve security drastically, such as ensuring employees log off when away from their devices and reporting unusual happenings or activity,” the team writes.
Other Links of Note
Feeling ill? It could be decision fatigue. Nonprofit Marketing Guide describes the symptoms and treatment.
Calling all young professionals: These 10 strategies can help increase your influence at work, says Nonprofit AF.
Hosting a Halloween meeting? BizBash ushers in the spooky season with event inspiration for the holiday.
(weerapatkiatdumrong/iStock/Getty Images Plus)