Manage Pressing Risks with EPL-Risk.com

A one-stop hub for practical, timely and actionable insights, tools and training that may save thousands of dollars by minimizing potential loss exposures, human resources expenses, training costs, and attorney fees.

Stay on top of current workplace issues, legislation, and employment trends with:
  • Articles, News Briefs, and Checklists
  • Interactive Training Modules
  • Model Handbook with 100+ Template HR Policies, Procedures, and forms

Today's Workplace

Online Requests To Change Payment Procedures: A Red Flag That Needs Thorough Investigation

Organizations must train employees to prevent phishing scams, but also know what to do if an employee falls prey. Read more.

Continue Reading

Mac Malware Is On The Rise: Why You Can't Wait To Update

Installing updates to patch vulnerabilities immediately is your best defense against malware, including malware infecting Macs. We examine.

Continue Reading

Scam Or Legit: Would You Be Able To Tell The Difference?

The FTC warns people to be alert to scammers posing as government agents and asks for help in communicating the risk to others. We offer further steps for employees to use to avoid becoming victims.

Continue Reading

Nearly Half Of Organizations Experienced A Cyberattack Last Year: Did Yours?

The Department for Digital, Culture, Media and Sport (DCMS) in the U.K. recently released its 2021 Cyber Security Breaches Survey, which found that 40 percent of businesses have experienced a cyberattack in the past year.

The survey did find a slight drop in the number of organizations using security monitoring tools to identify abnormal activity, which could mean even more have been the victims of cybercrime but do not yet know it.

Among the organizations that said they experienced a cyberattack, more than 80 percent were hit with phishing emails. In phishing attacks, cybercriminals send emails with malware-infected attachments or that coerce the recipient into clicking on a malicious link.

Over 25 percent of organizations hit with a cyberattack said they received emails spoofing real people or businesses. The goal of these attacks could be to steal credentials or trick employees into making financial transfers (so-called business email compromise attacks).

Around five percent of organizations said they identified an attempted ransomware attack.

According to the survey, the majority of targeted organizations took action by providing additional employee training, updating antivirus software, changing firewall configurations, or installing new software. However, over one-third did not take any action after learning of a cyberattack.

In addition, the survey found that more organizations have enrolled in cybersecurity insurance of some kind.

More employees are working remotely during the pandemic, which means they are not protected by their organization's firewall. Organizations have had to adapt quickly and may face more cyberattacks as a result. Danny Palmer "Four out of five companies say they've spotted this cyber-attack. Plenty still fall victim to it" www.zdnet.com (Mar. 25, 2021).

Commentary

The 2021 Cyber Security Breaches Survey recommends that organizations take the following actions to make their networks more resilient to cyberattacks.

First, it recommends protecting accounts with multi-factor authentication. Multi-factor authentication requires users to provide two or more verification factors to access an account, as opposed to only one (a password).

Second, the report suggests increasing employee awareness of cybersecurity through more training. Organizations should train employees upon hire and again annually on your cybersecurity policies and best practices to prevent an attack.

Third, it recommends that organizations increase their supply chain risk management activities. Doing so can help protect your organization from a cyberattack that exploits your supply chain to access your network. Danny Palmer "Four out of five companies say they've spotted this cyber-attack. Plenty still fall victim to it" www.zdnet.com (Mar. 25, 2021).

Finally, your opinion is important to us. Please complete the opinion survey: