Even during a global pandemic, hackers don’t stop. During our Security Awareness During COVID-19 webinar, Nate Gravel and Brian Brunelle from our Information Security team discuss how COVID-19 is bringing about a need to ramp up security awareness training for employees. As new security threats emerge, employees need to know what to be on the lookout for in terms of phishing and cyberattacks.
New Technology Requires Employee Training
Nate begins by stating the importance of educating and training employees during events such as COVID-19. As many businesses were forced into remote operations for the first time, there were new technologies that needed to be put in place such as VPNs and Collaboration Tools. When dealing with new technology, it is important for employees to understand and acknowledge how to use and operate these new technologies. Nate explains how during these challenging times, many of our customers struggled to formulate a plan on hardening and validation testing for new technology to be able to maintain and continue operations as seamlessly as possible. The safety net for not having those technical controls is making sure that users are able to understand how to use the technology and how to use it in a secure fashion.
Hackers Don’t Stop & Won’t Stop
Another reason why security awareness training is important during pandemics is that hackers will not stop no matter what. In March 2020, we instantly saw a spike in cyber threats and hack attacks due to COVID-19. In 2017, we saw hackers create Hurricane Harvey Relief Scams in an effort to capitalize on the situation. Nate explains how hackers ramp up their efforts during pandemics and natural disasters in an effort to take advantage of the situation. It becomes an opportunity for hackers to try and gain access and gain financially. While it may not be at the top of everyone’s list during these times, it should be considered to continue and introduce new training to better your business.
“Don’t See Security as a Hinderance”
Brian continues the discussion by urging organizations to not see security as a hinderance. Security will allow organizations to implement working remotely and using technology effectively and safely. He encourages organizations to maintain adequate knowledge of security as certain regulations are always changing and updating. The last thing you want to deal with during a pandemic is a ransomware or a cyber attack against your organization. Security trainings soft spot is the human aspect. Users can have technical controls in place, but you need employees to be able to understand the use of the technology and be able to use them securely. Having that training in place for what to watch out for and what are additional risks to be concerned about when working remotely or on certain devices will allow employees and organizations to be ready from all angles of any possible threats
Blurring the line of where is business, where is home and where business can be conducted from has been a key role during these changing times. Making sure your security training addresses those different aspects will add great value towards your organization and will continue to do so in the future.
Should you need any assistance on the training or security of your employees or new technologies, please do not hesitate to contact us! You can also check out our Information Security services.
Related articles
Change Healthcare Attack: Ransomware Protection Measures for Healthcare Organizations
In light of the Change Healthcare attack, we explore why hackers target healthcare and how healthcare can defend against ransomware.
GraVoc Recognized on CRN MSP 500 List for Second Year in a Row
For the second year in a row, GraVoc has been recognized on the CRN® MSP 500 list in the Pioneer 250 category!
PCI SAQ Types: Which SAQ is Right for Your Business?
In this blog post, we provide an overview of the SAQ types for PCI DSS v4.0 and how to select a PCI SAQ that’s right for your business.