I was speaking with a client recently about when their users receive phishing emails, they will typically yell to others across the room and down the hallway to be on the lookout. But, the days of everyone being in the office at the same time and users having that luxury are gone. At least for now…
As we get back to our old normal (I refuse to refer to it as ‘new’!), things will improve. Still, it’s important to think about how you can instruct users to sent off a phishing warning when they’re not around one other in the office.
An email is okay but there’s a chance people won’t see it until it’s too late. You might use a collaboration/instant messaging tool such as Slack or Teams. That could work…as long as the ground rules are set and it’s not too disruptive. There are a thousand things you can do…the important thing is that this is on your radar and you have a plan.
The last thing you want is to get caught off-guard…knowing what we now know about phishing, credential theft, ransomware and information security as a whole, you’ve got to do what you can to at least keep up with the bad guys. You might not get ahead of them but you at least need to be thinking like them and have controls and users working in your favor in an on-guard kind of way.
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”