Manage Pressing Risks with EPL-Risk.com

A one-stop hub for practical, timely and actionable insights, tools and training that may save thousands of dollars by minimizing potential loss exposures, human resources expenses, training costs, and attorney fees.

Stay on top of current workplace issues, legislation, and employment trends with:
  • Articles, News Briefs, and Checklists
  • Interactive Training Modules
  • Model Handbook with 100+ Template HR Policies, Procedures, and forms

Today's Workplace

Is Having A "Gold Image" The Key To Defeating Ransomware?

A hospital employer says a cyberattack led to the death of a patient. Read how quality backups keep clients safe and allow you to say "no" to paying cybercriminals.

Continue Reading

Cybersecurity Training Remains Important Even In Lockdowns

Minimizing administrator privileges and conducting annual training are two ways to keep data safe. Learn more.

Continue Reading

Watch Out For Phishing Emails Claiming Layoffs And Other COVID-Related Topics

Cybercriminals are sending emails, claiming their target has been laid off, among other COVID-related phishing scams. Read how to help protect yourself.

Continue Reading
print   email   Share

Cybersecurity Training Remains Important Even In Lockdowns

According to Netwrix's 2020 Cyber Threats Report, 25 percent of Information Technology (IT) professionals feel like their organization is exposed to more cyber risks than before the pandemic.

Among respondents who feel more vulnerable, 63 percent said their organization has experienced more frequent cyberattacks, while 60 percent said that transitioning to remote work exposed new security gaps.

Eighty-five percent of chief information security officers surveyed said they had sacrificed cybersecurity in order to transition to remote work quickly. In addition, 54 percent said they lack the visibility to ensure proper data protection.

The most common threats respondents have faced since transitioning to remote work are: 1. phishing (48 percent); 2. administrator mistakes (27 percent); and 3. employees improperly sharing data (26 percent).

The survey also found that 25 percent of organizations suffered a ransomware or malware attack during the first three months of the pandemic. Although only 14 percent had experienced employees stealing data, 66 percent said they worry about it, an increase since before the pandemic. Supply chain compromises are the attack that took the longest to detect.

Netwrix surveyed 937 IT professionals globally for the report. "Survey: 85% of CISOs Admit they Sacrificed Cybersecurity to Quickly Enable Employees to Work Remotely" netwrix.com (Sep. 22, 2020).

 

Commentary

All of the top risks that respondents to the 2020 Cyber Threats Report have faced since transitioning to remote work are related to human error.

Annual cybersecurity training is essential to teach all members of the organization cyber best practices and reduce your risk from human error. Do not assume that your top executives and IT leaders do not need to be included in training. Administrators and senior leaders frequently create exposure, and their mistakes are even more dangerous because they have access to more data.

Minimize sharing of information by only allowing employees access to data that they need to perform their job and limiting the number of administrators. Train everyone to use unique passwords on every account and to never share their login credentials with anyone.

Rapid incident detection is also key. Even with proper training, there is always a risk that someone in your organization will slip up and open the door to a cybercriminal. If that does happen, knowing about it as soon as possible will help you minimize damage. Create a system to monitor activity on the network and notify IT of any odd activity.

Finally, your opinion is important to us. Please complete the opinion survey: