I was speaking with a client recently about when their users receive phishing emails, they will typically yell to others across the room and down the hallway to be on the lookout. But, the days of everyone being in the office at the same time and users having that luxury are gone. At least for now…
As we get back to our old normal (I refuse to refer to it as ‘new’!), things will improve. Still, it’s important to think about how you can instruct users to sent off a phishing warning when they’re not around one other in the office.
An email is okay but there’s a chance people won’t see it until it’s too late. You might use a collaboration/instant messaging tool such as Slack or Teams. That could work…as long as the ground rules are set and it’s not too disruptive. There are a thousand things you can do…the important thing is that this is on your radar and you have a plan.
The last thing you want is to get caught off-guard…knowing what we now know about phishing, credential theft, ransomware and information security as a whole, you’ve got to do what you can to at least keep up with the bad guys. You might not get ahead of them but you at least need to be thinking like them and have controls and users working in your favor in an on-guard kind of way.