Your actions can set a great example for your customers.
No doubt, we are all creatures of habit. Volumes have been written about how to build a habit and break a habit, and we are pretty good at both. Just remember the most recent New Year’s Eve. It’s a tradition (which, simply put, is a form of habit) to make New Year’s resolutions: lose weight, stop drinking, be more thoughtful, start a bullet journal—anything goes. And just before any of these resolutions becomes an integral part of our lives or a habit, we start procrastinating; getting up at 5 a.m. to run a few miles disrupts other habits, and every one of us struggles to adapt to this change to our routines.
Long story short, we need to break through our habits both at home and, more importantly, online. And we were doing great over the past two years. We mastered challenges we could never have imagined facing, set up work-from-home routines, and adapted to hybrid workspaces with the threat of security breaches looming over us at all times, as most businesses weren’t ready (in many ways) for what was hitting them. And now that many knowledge workers are going back to the office, we mustn’t let our guard down. One lost or stolen password could potentially pose a threat to the security of an entire organization, ranging from a simple data breach to a multimillion-dollar ransomware attack.
What are some of the most challenging habits some of us may be facing?
- Your password is written down on paper (possibly a sticky note stuck somewhere on your desk)
- One password for all
- Simple passwords (anything from “password” to “12345Iloveyou”)
What “alarm systems” should we be listening to?
- Industry sources announcing breaches
- Admin (human/UI) warnings to update passwords
- Password storage tools flagging poor and breached passwords
What can we, as individuals, do better?
- Use 2-factor authentication/an authenticator app
- Use a VPN
- Use a trusted password manager
- Use breach monitoring
End of story, or not so fast?
We, as industry specialists, need to do more. We need to help customers and their teams break through their old habits and lead the way to—and here comes the C-word again—change. This, among many things, includes adopting better, more secure work habits. And I’m not just talking about online security, but for the sake of simplicity, we’ll focus on online-only in this article.
Here are a few more ideas on how to help your teams and your customers:
- Install system updates, which these days are usually security updates, in a timely manner (maybe as a service?).
- In addition to the training you conduct, collaborate with professionals to test your security education impact (e.g., KnowBe4 – also works as a service).
- Create awareness for the challenges hardware repairs (phone, tablet, laptop, etc.) can pose.
At least in Europe, mergers and acquisitions paint a dire and clear picture. If you don’t know how to handle security, expand your team to lead the way for your clients.
In addition to improving overall cybersecurity, the general focus points for these acquisitions are:
- Email security
- Firewall security
- Cloud security
Other details that are often overlooked include marketing and outreach programs, particularly via email. More and more companies are scanning incoming emails for tracking pixels. Most email campaign programs use these pixels in connection with the visuals you add to your newsletters to make them look prettier, and this can backfire badly: the consequences range from outright rejection of your emails and potential blocking of your domain to having them routed into spam. Images pose a more significant risk to our systems than many of us want to admit—just picture that!
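A pre-send check for the tracking pixels described above, as an added example that is not part of the original article: it parses a newsletter and lists the remote images a recipient's scanner is likely to flag. The two heuristics (1x1 dimensions, CSS-hidden images) are assumptions about what such scanners look for, and the sample message and its `.example` hosts are constructed.

```python
import re
from email import message_from_string
from html.parser import HTMLParser

# Constructed sample newsletter (not a real campaign); all hosts are placeholders.
SAMPLE_EML = """\
From: news@msp.example
Subject: March newsletter
Content-Type: text/html; charset="utf-8"

<html><body>
<img src="https://cdn.msp.example/banner.png" width="600" height="200" alt="Banner">
<img src="https://track.mailer.example/o.gif?uid=abc123" width="1" height="1" alt="">
<img src="https://track.mailer.example/p.png?c=42" style="display:none">
<img src="cid:logo" width="120" height="40" alt="Logo">
</body></html>
"""

# Assumed heuristics: a scanner may use other or additional signals.
TINY = {"0", "1", "0px", "1px"}
HIDDEN = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I)

class PixelFinder(HTMLParser):
    """Collects (src, reason) for remote <img> tags that look like tracking pixels."""
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        a = {k: (v or "").strip() for k, v in attrs}
        src = a.get("src", "")
        if not src.lower().startswith(("http://", "https://")):
            return  # embedded cid:/data: images are not fetched, so they report nothing
        width, height = a.get("width", "").lower(), a.get("height", "").lower()
        if width in TINY and height in TINY:
            self.findings.append((src, "1x1 or smaller"))
        elif HIDDEN.search(a.get("style", "")):
            self.findings.append((src, "hidden by CSS"))

def find_tracking_pixels(raw_email):
    """Return suspected tracking pixels from every text/html part of a message."""
    finder = PixelFinder()
    for part in message_from_string(raw_email).walk():
        if part.get_content_type() == "text/html":
            body = part.get_payload(decode=True)
            finder.feed(body.decode(part.get_content_charset() or "utf-8", "replace"))
    return finder.findings
```

Calling `find_tracking_pixels(SAMPLE_EML)` returns the two `track.mailer.example` images and leaves the visible banner and the embedded logo alone.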