Imagine if you had two emails that were worth a million dollars each. You would do everything that you could to protect those emails and ensure that no one deleted them. You would back them up, and would have multiple copies in place so that if you lost those emails, you’d have a quick way to recover them. You would make sure that access was limited, with strong password protection, and ensure everyone who had access to the delete button was properly trained on how to open and read the emails safely.
Two emails. It was two phishing emails that cost UnityPoint Health millions of dollars. So why aren’t we putting the emphasis on the BEFORE in cybersecurity? Proper, current, and ongoing training shouldn’t even be a question in this day and age of business. Pre-COVID it should have already been a priority, but now, with so many people working remotely, the risk of hackers gaining entry to a business with the relaxed and unfamiliar environment that a home office can provide is on the rise.
We don’t hear something once and remember it. Especially if it is unfamiliar content and information that we don’t process regularly. If you were to say “watch out for phishing emails” to a team, it’s likely that one or two people in an office will think that you are referencing a salmon special or information on trout season – the vernacular isn’t as commonplace as it is to those of us in the IT industry. That’s why we need to make it commonplace. It is our job to make sure that PHISHING is as well-known as the word HACKED when it comes to educating anyone with an email. Yes, anyone with an email. Because that is the door through which cyber criminals often enter.
With our Security Awareness Training, training not only becomes part of your employees everyday working environment, it allows for the continual education with regard to threat awareness and smart cyber habits. Additionally, Tech II’s phishing campaign service gives employees the ability to analyze emails from outside sources, a great way to train them on phishing red flags and cut down on your company’s service tickets that ask, “Is this a phishing email?”
Take the time now to protect and educate your employees, and couple that with putting a smart and all-encompassing reaction plan in place should a breach occur. Do not let a lack of education be the reason that your company has to spend millions of dollars in response to two emails. Spend the time and money now, BEFORE a breach occurs, so that the business can survive AFTER one does.