Insights: Article

Expect the Unexpected- Raising Cybersecurity Awareness in Your Organization

By   Karen Andersen

July 29, 2016

What is your first reaction when you hear the words cybersecurity and security awareness? The topic of cybersecurity awareness is frequently mentioned in business, but it can be vague, and many people likely dismiss it quickly as something their organization makes them do, similar to reading a policy. But the right story can help you build awareness of this issue and show just how a little more attention can help create compelling results.

All Together Now
Cybersecurity isn’t just something the IT department does. In fact, it encompasses just about all areas of an organization, including physical security. Everyone has a role.

Being aware means being present and paying attention to what is going on around you. Sounds simple enough, but look around. How many people are aware of what’s going on around them? Cell phones have certainly added to the distraction factor. Perhaps some people are wearing headphones, listening to music. Encouraging individuals, at all levels, to be more aware is excellent advice and an easy way to improve cybersecurity awareness. 

Sounds easy enough, but is it? Awareness is a conscious effort. It is easy to go through the motions of the day on autopilot while thinking about what you would rather be doing. Most of us do this occasionally throughout the day. The goal isn’t to convince people to be negative or pessimistic, rather slightly less trusting. Here is where the potential payoff or benefit can come into play.

Don’t Ignore the Flags
If you received an email from a trusted executive to process a transaction, would you automatically do it? What if the request seems out of the ordinary? Perhaps the email states why the request is needed, which negates any concerns. The email sender is trustworthy enough, right? Is the business you are transferring funds to a name you recognize? How about spelling? If a business name is spelled incorrectly, would you dismiss it as carelessness or stop and question it?

This is not an entirely uncommon scenario. It is also a technique hackers are using to get recipients to transfer funds, urgently, before the email recipient thinks to question or seek confirmation. The request gets processed as directed, without any questioning. Later it’s discovered the sender’s name was spoofed, it never originated from anyone within your organization, and the money is gone.

This scenario didn’t involve IT, nor is it overly complicated. If you figured it out as you were reading, good for you for thinking a step ahead and chalking a win for cybersecurity awareness. It may seem obvious, but according to recent estimates $2.3 billion has been lost over the last three years using this technique.

A simple solutions is to always request a two-step approval process, or confirmation from the actual executive, prior to sending. It may seem like common sense, but it does require individuals to be aware. If it wasn’t effective, the “bad guys” wouldn’t keep trying to lure unsuspecting employees.

Part of the Solution
If you’re still reading, you just participated in cybersecurity awareness. Sharing examples, educating employees, building awareness, and making the topic interesting are easy ways to help increase any organizations cybersecurity profile.

Latest Insights

June 20, 2018
While cash management can be easy, there are a few key details that some organizations need to remember to avoid findings that could have otherwise been easily prevented.
June 15, 2018
Recorded Webinar
Congress has passed the largest and most comprehensive tax reform legislation in the past 30 years and businesses and dealerships are trying to figure out the tax implications and what this means for them in their current situation and moving forward.
June 15, 2018
Learn more about the basics of cost segregation and whether your recent building purchase, renovation or new construction could reduce your taxes and increase cash flow.
June 14, 2018
It is not to say that well run companies do not get breached, but all indicators lead to the conclusion that if certain things are done from the top down, the effects and cost of defending your company against data breaches, and recovering from a breach…
June 14, 2018
All deals are unique in the world of transactions but unique does not have to equate to surprises on either side.
June 12, 2018
As taxpayers work closely with their tax advisers to develop tax projections and planning strategies, state income taxes take on greater importance than in the past - in addition, some states’ legislatures will not be taking up the issue of federal…