Imagine if you had two emails that were worth a million dollars each. You would do everything that you can to protect those emails and ensure that no one deleted them. You would back them up, have multiple copies in place so that if you lost those emails, you would have a quick way to recover them. You would make sure that access was limited, with strong password protection, and everyone who had access to the delete button was properly trained on how to open and read the emails safely.
Two emails. It was two phishing emails that cost UnityPoint Health millions of dollars. So why aren’t we putting the emphasis on the BEFORE in cybersecurity? Proper, current, and ongoing training shouldn’t even be a question in this day and age of business. Pre-COVID it should have already been a priority, but now, with so many people working remotely, the risk of hackers gaining entry to a business with the relaxed and unfamiliar environment that a home office can provide is on the rise.
Repeat, Repeat, Repeat
We don’t hear something once and remember it. Especially if it is unfamiliar content and information that we don’t process regularly. If you were to say “watch out for phishing emails” to a team, it’s likely that one or two people in an office will think that you are referencing a salmon special or information on trout season – the vernacular isn’t as commonplace as it is to those of us in the IT industry. That’s why we need to make it commonplace. It is our job to make sure that PHISHING is as well-known as the word HACKED when it comes to educating anyone with an email. Yes, anyone with an email. Because that is the door through which cyber criminals often enter.
With our Catch Phish #Outlook email plug-in, training becomes not only part of our everyday working environment, it allows for continual educating when it comes to creating awareness and smart cyber habits. Catch Phish gives employees the ability to analyze emails from outside sources, a great way to train them on phishing red flags and cut down on your service tickets asking, “is this a phishing email?”. This tool also provides quick access to weekly security training videos and quizzes as part of the in-email experience.
Take the time now to protect and educate employees, and couple that with putting a smart and all-encompassing reaction plan in place should a breach occur. Do not let a lack of education be the reason that your client has to spend millions of dollars in response to two emails. Encourage them to spend the time and money now, BEFORE a breach occurs, so that the business can survive AFTER one does.
If you have questions about protecting your business from Phishing attacks, Let Us Know!