Manage Pressing Risks with EPL-Risk.com

A one-stop hub for practical, timely and actionable insights, tools and training that may save thousands of dollars by minimizing potential loss exposures, human resources expenses, training costs, and attorney fees.

Stay on top of current workplace issues, legislation, and employment trends with:
  • Articles, News Briefs, and Checklists
  • Interactive Training Modules
  • Model Handbook with 100+ Template HR Policies, Procedures, and forms

Today's Workplace

Sharing Files Or Malware? Why Users Must Stay Vigilant Even When Collaborating

Systems experts think they may have found a flaw in Google Drive's file storage system that would allow hackers to download malware. Read how to avoid infection.

Continue Reading

Does Your Website Need To Be GDPR Compliant?

Organizations must make sure their data collection practices adhere, if required, to the E.U. guidelines. We examine.

Continue Reading

Strengthening The Weakest Link To Prevent Social Engineering Attacks

Twitter experiences a social engineering attack. We explain why training and strong policies can help strengthen your weakest security link.

Continue Reading
print   email   Share

While Cybercriminals Target The Grid, Small Organizations Are Still Threatened

U.S. Senators and energy sector officials recently warned that foreign adversaries are continuing to target the U.S. electrical grid and that the threat is growing.

The pandemic has created opportunity for cybercriminals to attack critical energy infrastructure and other networks. A successful hack, according to Senator Murkowski, could "shut down power, impacting hospitals, banks, gas pumps, military installations, and cell phone service" and lead to widespread and devastating consequences, particularly during a pandemic.

In July, the National Security Agency and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency issued an alert stating that foreign cybercriminals were targeting critical infrastructure through internet-connected operational technology assets. The 2019 Worldwide Threats Assessment had similarly warned that Russia, China, and Iran had the capacity to "cause localized, temporary disruptive effects on critical infrastructure" through a cyberattack. 

The president of Siemens Energy, Inc. stated that their organization gets attacked thousands of times each day. According to Senator King, one utility sector system is being attacked three million times a day. Maggie Miller "Officials warn of increasing threats to critical infrastructure during pandemic" thehill.com (Aug. 05, 2020).

Commentary

No matter whether your organization is large or small, you cannot avoid a breach by avoiding an attack. In fact, cybercriminals often target smaller organizations that might not be as well protected.

Fortunately, there are a number of steps organizations of all sizes can take to protect their network. Often, it is something as basic as an employee clicking on a link in an email that leads to a large-scale data breach.

Install anti-virus and anti-malware software on all network-connected computers and devices. Keep them updated with the latest patches and set them to scan for viruses daily. Protect your network with a firewall.

Require all employees and leaders to use strong, unique passwords on all network-connected devices and accounts.

Train them to be suspicious of links and attachments contained in emails, to avoid clicking on them or website popups, and to always double-check that a website is secure before entering any information. In your training, always include examples so that they can learn to recognize possible scams and attempts to breach your system.

Finally, your opinion is important to us. Please complete the opinion survey: