It is October 2021, and another Cybersecurity Awareness Month is upon us. With so much having occurred over the last year, we should all be experts in personal cybersecurity protection. After all, when our homes became our primary business location, it all became very personal.
I once worked at a company that prohibited me from offering personal cybersecurity advice. They reasoned that if I offered a person any advice such as using a password manager, setting up a credit freeze, or using multi-factor authentication on every 2FA-capable site and something went wrong, the company could be held liable for that advice. I suppose that, from their perspective, they had a valid point. Contrarily, to many security experts, the “security begins at home” approach made a lot of sense; teach a person how to be more cyber secure in their daily lives, and they will carry those habits to the workplace. It took a pandemic to shift the corporate mindset to align with that sentiment.
The full-time remote workforce became keenly aware that a threat to their corporate cybersecurity could easily reflect directly into their home computing setup. A person could no longer safely think that an action they took during work hours would have no impact on their personal computing environment. While many larger corporations could afford to take measures to protect their networks from the perils of all of the home devices joining the corporate network, some of the small- and medium-sized businesses lacked the resources to accomplish any added measures of protection.
During Cybersecurity Awareness Month, we will see plenty of good advice about how to protect ourselves on the internet. Security sites and social media will once again be abuzz with all of the things that we should all do to remain safe online. One (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Bob Covello. Read the original post at: https://www.tripwire.com/state-of-security/featured/dont-warn-your-co-workers-about-that-phishing-test/