Cyber attacks are increasing in number and sophistication and we must share responsibility to make our workplace a more secure environment for ourselves. Everyone should feel accountable for the security of their networks and devices.
There are some measures that you should take to protect your workplace from cyber crime attacks. Preventing incidents from occurring in the first place is a better way then controlling damage after the incident have taken place.
The most important threats that cyber crime presents to our workplace:
Phishing is a method used to obtain sensitive or personal information from a computer user. Phishing is an act by which cyber criminals attempt to obtain confidential data as the credit card number or username and password of any account. The main purpose of phishing is to acquire important data of company and employees to produce financial loss. Phishing is realised by sending e-mail or websites in which cyber criminals ask about your personal information and become activated when you are clicking on their link.
Malware, also known as malicious code, refers to a program that is covertly inserted into another program with the intent to destroy data, run destructive or intrusive programs, or otherwise compromise the confidentiality, integrity, or availability of the victim’s data, applications, or operating system. Malware cause widespread damage and disruption and necessitating extensive recovery efforts within most organisations.
Social engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information about co-workers and company. Many social engineering exploits simply rely on people’s willingness to be helpful. The attacker might pretend to be a co-worker who has an urgent problem that requires access to additional network in the purpose of information gathering, fraud, or system access.
How to mitigate those threats:
– Always check the recipient of an email and the source of a message. Hackers have the technology to generate phishing emails from what appear to be familiar email addresses.
– Avoid downloading unnecessary files, illegally obtaining music or films, or accessing inappropriate websites, even after office hours or off-site Don’t trust people blindly and don’t give away confidential information to strangers.
– Don’t use unknown USB drivers! Once it’s plugged in, a virus can be activated, and hackers could then have access to their computer and network. Don’t plug anything into your work computer without knowing the origin.
– Try to get in the habit of keeping your home technology and work technology completely separate. That way, you can rest assure that whatever you or your family is doing on personal equipment will not impact the security of others at work.
– Report all suspicious cyber Incidents, including suspicious e-mails and questions, system failures, and unauthorized access or use or unusual problems with your computer to your IT department.
– Make your passwords complex. Use numbers, symbols, and letters (uppercase and lowercase) and change it regularly.
– Do not give any of your usernames, passwords, or other computer/ website access codes to anyone.
– Do not open emails, links, or attachments from strangers.
– Do not install or connect any personal software or hardware to your organization’s network without permission from your IT department.
Cyber security is everyone’s responsibility and we each have a role to play. When every employee is active in securing their individual computers, the entire company network is obtaining a stronger security posture.
ACTIVITATEA DE PREVENIRE A ACCIDENTELOR MAJORE
Studiu de caz
