If a cybercriminal tried to penetrate your office network, would you be able to recognize the hack?
As companies move more of their business operations online, cybercriminals are following them and looking to take advantage of unsuspecting employees to gain access to valuable company information.
Often, the weakest link in network cybersecurity is the human using a computer for work.
You have a very important role to play in cybersecurity. As seen in our “Months to Milliseconds” video, the responsibility for cybersecurity does not fall solely on the IT department. Everyone – from the entry-level employee to the CEO – has a responsibility to implement basic best practices.
As part of National Cyber Security Awareness Month 2016, we are focused on promoting a culture of cybersecurity at work. The first step: Educate and raise awareness for all employees. Here are simple actions you can take to protect information at home, on the go and at work:
- Make your passwords complex. Create long, complex passwords that adhere to company/agency policy and that include a combination of upper and lowercase letters, numbers, and symbols.
- Beware of phishing emails. Do not open emails, links, or attachments from strangers. Phishing attacks use email or malicious websites to infect your machine with malware in order to collect personal and financial information.
- Report all suspicious activity. If you notice something seems off or unusual with your computer, report it immediately to your IT department.
DHS has a number of resources to help businesses and organizations improve their cybersecurity. The C3 Voluntary Program supports industry in increasing cyber resilience, promotes awareness and use of the Cybersecurity Framework, and encourages organizations to manage cybersecurity as part of an all hazards approach. The Enhanced Cybersecurity Services (ECS) provides an intrusion prevention capability that helps U.S.-based companies protect their computer systems against unauthorized access, exploitation, and data exfiltration. Our Automated Indicator Sharing (AIS) is a free capability that enables the exchange of cyber threat indicators between the federal government and the private sector at machine speed.
Cybercriminals often prey on human error – such as employees clicking on a link in a phishing email or using a weak password – to gain access to an organization’s computer networks and information. I encourage you to take advantage of our tools and tips and help promote a culture of cybersecurity in your workplace.