Situational awareness is knowledge combined with attitudes and behaviors that work to protect our IT assets. Being aware in cybersecurity means you understand what the threats you face are and that you take action to prevent or minimize them. Situational awareness is an important, valuable tool to have in your toolbox; even if you aren’t in the cyber industry. In 2019, Kaspersky Lab found that 90 percent of corporate data breaches in the cloud happen due to social engineering attacks that target employees. In July 2020, Twitter suffered arguably one of its worst breaches due to a social engineering attack. Awareness doesn’t stop at the door on your way out of work, its needed in our homes and communities as well.
Additional Reading: Apple Gift Card Email Compromise
What does this mean for an SMB?
- Conduct a NIST-based risk assessment of your organization.
- Cybersecurity awareness training for employees.
- Test employees with Phishing Campaigns.
- Govern employees with cybersecurity policies.
- Enable 2FA on every Internet facing critical account.
- Deploy technical protections to catch and mitigate risks when employees make mistakes (Antivirus, AntiSPAM, Anti-Malware, DNS protections, Encryption of data at rest).
CyberHoot works with organizations every day to provide them with the tools they need to become more aware and more secure, including four of the tools mentioned above (Governance Policies, Awareness Training, Phish Testing, and Risk Assessments). Head to CyberHoot.com to learn more!