Manage Pressing Risks with EPL-Risk.com

A one-stop hub for practical, timely and actionable insights, tools and training that may save thousands of dollars by minimizing potential loss exposures, human resources expenses, training costs, and attorney fees.

Stay on top of current workplace issues, legislation, and employment trends with:
  • Articles, News Briefs, and Checklists
  • Interactive Training Modules
  • Model Handbook with 100+ Template HR Policies, Procedures, and forms

Today's Workplace

The Re-emergence Of Emotet Malware Emphasizes The Need For Employee Vigilance

The Emotet malware is now sending one thousand emails per day, now with adaptations to avoid detection. Read suggestions for cyber protection and spam prevention.

Continue Reading

Remote Work Is Here To Stay, But So Are The Cyber Risks

More employees are going to work remotely. Learn why that presents even more cybersecurity challenges.

Continue Reading

IT Communication Breakdowns Lead To Higher Data Security Risks

IT can assist employees working from home to stop a cyberattack, but employees must first make the call. We examine the cybersecurity issue of remote employees not communicating with IT.

Continue Reading
print   email   Share

Cybersecurity Training Remains Important Even In Lockdowns

According to Netwrix's 2020 Cyber Threats Report, 25 percent of Information Technology (IT) professionals feel like their organization is exposed to more cyber risks than before the pandemic.

Among respondents who feel more vulnerable, 63 percent said their organization has experienced more frequent cyberattacks, while 60 percent said that transitioning to remote work exposed new security gaps.

Eighty-five percent of chief information security officers surveyed said they had sacrificed cybersecurity in order to transition to remote work quickly. In addition, 54 percent said they lack the visibility to ensure proper data protection.

The most common threats respondents have faced since transitioning to remote work are: 1. phishing (48 percent); 2. administrator mistakes (27 percent); and 3. employees improperly sharing data (26 percent).

The survey also found that 25 percent of organizations suffered a ransomware or malware attack during the first three months of the pandemic. Although only 14 percent had experienced employees stealing data, 66 percent said they worry about it, an increase since before the pandemic. Supply chain compromises are the attack that took the longest to detect.

Netwrix surveyed 937 IT professionals globally for the report. "Survey: 85% of CISOs Admit they Sacrificed Cybersecurity to Quickly Enable Employees to Work Remotely" netwrix.com (Sep. 22, 2020).

 

Commentary

All of the top risks that respondents to the 2020 Cyber Threats Report have faced since transitioning to remote work are related to human error.

Annual cybersecurity training is essential to teach all members of the organization cyber best practices and reduce your risk from human error. Do not assume that your top executives and IT leaders do not need to be included in training. Administrators and senior leaders frequently create exposure, and their mistakes are even more dangerous because they have access to more data.

Minimize sharing of information by only allowing employees access to data that they need to perform their job and limiting the number of administrators. Train everyone to use unique passwords on every account and to never share their login credentials with anyone.

Rapid incident detection is also key. Even with proper training, there is always a risk that someone in your organization will slip up and open the door to a cybercriminal. If that does happen, knowing about it as soon as possible will help you minimize damage. Create a system to monitor activity on the network and notify IT of any odd activity.

Finally, your opinion is important to us. Please complete the opinion survey: