Complacency and Cybersecurity Awareness

Are we being too complacent in our feeling of “nothing will happen to us” with regard to Cybersecurity?

Two stories tie this theme together:

Phishing awareness training wears off after a few months

Apparently retraining is required after 6 months.

Ransomware and Observations from Recent IR investigations

Businesses are still getting hit by ransomware, but not the way it used to be, with thousands of automated attacks and attempts. Today's ransomware attacks are targeted and focused on a specific company or person.


Does it seem like we are living with a paradox? That is, we are getting attacked and yet we do not do anything, or it gets done after the fact. After the attack it might be too late. It depends on our perceptions, and apparently we do not think it is important enough until we get attacked (successfully).



We are always looking at the latest shiny object instead of fixing the basics, i.e. patching computers on a regular basis.

On Patch Tuesday (the 2nd Tuesday of the month) new patches arrive from Microsoft and others; we discussed it just last week:


