One of our core commitments when we began developing Webroot® Security Awareness Training was to remain relevant. We pledged to continuously develop content that reflected the latest threats faced by businesses and users as they arose.
One of the most significant challenges we’ve seen since the launch of our user training tool has been the shift to remote workforces forced by the novel coronavirus outbreak. It’s dealt a serious blow to the cyber resilience of many organizations and is something, we felt, needed to be addressed.
We’re happy to announce that a course designed to do just that is now available. It’s a guide for organizations and their users to maintain their cyber resilience with dispersed workforces, and we hope you’ll enroll.
Why bother developing a Cyber Resilience while Working from Home Course?
Cybercriminals know many remote workforces are no longer always under the watchful eyes of IT teams. They know some are even working from their own devices, often outside the protection of group network policies, mandatory patches and updates, data backup, a VPN—they maybe even be operating without an antivirus. In other words, prime targets for data breaches, ransomware, and other internet-enabled attacks.
The data we see here at Webroot backs up this shift in focus. In March alone we identified 522 thousand phishing sites, a 350% increase from the month before. Most of those were COVID-related. Even as some semblance of pre-COVID life begins to reemerge in some parts of the world, malicious hackers are still looking to take advantage of the angst and desire for more information about the virus.
How to stay cyber resilient while working remotely
The course is packed with tips, and I encourage all to take it and/or make it available to users, either through your existing Webroot Security Awareness Training subscription or by initiating a free, 60-day trial today.
Here are examples of some of the topics the course covers:
- Maintaining a cybersecurity mindset while remote. Beware pushy messages and those trying to inspire a sense of urgency. Take a moment to think critically about the message you received. What sort of attacks could you possibly be enabling with the action requested? Is this kind of talk out of character for the supposed sender? If you’ve been asked to enable macros to download an attachment, alarm bells should be ringing.
- Defending sensitive information. Fist you must understand what constitutes sensitive information. Personally identifiable information (PII) qualifies in nearly all cases. Ask yourself who might benefit from obtaining the information entrusted to you, even if that means selling it on the Dark Web for a few dollars. Understand data privacy laws like GDPR and CPPA, how they apply to your organization, and what it stands to lose if those regulations are violated through the leak of sensitive information.
- Guarding your devices. Certain habits and procedures will set users up for success when working remotely. Always having an antivirus installed and turned on should go without saying, though too often it doesn’t. Maintain a regular schedule for installing patches and updates, maintaining secure password practices, and changing the default ID and password on home routers are all good practices for starters. If these or other practices like using two-factor authentication may be unfamiliar for either you or your users, this course is for you.
It’s tough to predict what a post-COVID work world will look like. But it’s probably that remote workforces, at least in some industries, will be a feature of that world. This course will teach you how to best secure them.