Scott's Human Cyber Security Insights for July 27, 2024
Scott Wright, CISA
Speaker | Podcaster | Co-Founder/CEO at Click Armor | Helping build confidence through engaging, interactive cybersecurity training
Hello Cyber Champions!
Lately, there's been a lot of talk about cyber security in the news headlines, so let's get into it. Today's topics are:
Tip of the Week: Teach the motivations and clues behind insider threats
Crowdstrike outage fuels scam surge
Podcast appearance: How gamification can help your employees protect your business
What you can learn from the CDK Global cyber attack
Rottenphish: When live testing causes unwanted social media posts
1) Tip of the Week: Teach the motivations and clues behind insider threats
It can be hard for employees to spot potential insider threats, or even to imagine that a co-worker may have hidden motivations such as addictions or outside situations that may influence their behavior.
But there are clues that employees can watch for that may be a sign of questionable motivations, such as:
One instance of unusual actions may not mean anything. But having employees watch for notable patterns of behavior can help reduce risks from insider threats.
When hiring new staff, you are acting on relatively little information. So, extra authentication should be a standard part of the process, to verify the identity and background of people being recruited.
Click Armor offers an interactive Insider Threats course that helps employees understand what could motivate a colleague to abuse privileges and act against the interests of the organization.
2) Cyber in the News: Crowdstrike outage fuels scam surge
Globally, at least 8.5 million computers were impacted by the Crowdstrike outage last week. The impact was felt across North America as thousands of flights were cancelled and many businesses were left inoperative.
Although Crowdstrike confirmed that this incident was not due to a cyber security breach, cyber criminals still know how to take advantage of a high-profile emergency situation: multiple government organizations are warning about scammers pretending to be Crowdstrike Customer Service Representatives, reaching out to "help" customers get their systems back online. Read more HERE.
3) Podcast Appearance: How gamification can help your employees protect your business
Employees are now the most targeted part of your business by cyber attackers, and managing the risks related to human vulnerabilities is not always as easy as executives would like it to be.
In this episode of The Conference Room with Simon Lader, I discuss some of the strange but important aspects of measuring and managing human responses to cyber threats.
4) Click Armor Blog: What you can learn from the CDK Global cyber attack
The CDK Global cyber attack left thousands of North American automotive dealerships inoperative after the SaaS platform was forced to go offline. The breach made major headlines as dealerships representing the biggest names in the automotive industry struggled to conduct business.
Read our latest blog to discover what you can learn from this unfortunate incident HERE.
5) Rottenphish: When live testing causes unwanted social media posts
I regularly refer to social media posts by employees of organizations that show how poorly planned and executed live phishing tests can create unintended damage to culture, and less-than-useful data or other undesirable outcomes. Today, let's look at the basic fact that so many people post on social media about their employers' live phishing tests. While they may "appear" to be relatively anonymous, it's often fairly easy for anyone to determine what organization is being referred to in a post like the one below.
Technical vs. human vulnerability testing
Unlike in technical penetration tests, where the worst-case impacts of "ethical hacking" exercises can be estimated and prepared for in a straightforward way (i.e. application outages, database corruption, etc.), live tests of employee behaviors in the face of a simulated phishing attack can have very public outcomes. These cannot really be controlled.
This is why I prefer to avoid using "hot button" pretexts in messages that trigger people to have potentially severe reactions, where they may post criticisms of their employer on social media. But you can never really tell what kind of situation will trigger some employees to act in a way that embarrasses the organization, or worse.
Setting proper expectations for posting on social media
Most importantly, if your organization does live phishing simulations, you should make employees aware in advance of the need and rationale for doing these kinds of occasional live tests, and make sure they know what responses are expected, as well as what actions are unacceptable in any situation.
You can work with the PR department, as well as HR, to clarify "acceptable use policies" so that employees know what they are and are not allowed to post on social media. With this as the context, you can then teach employees not to let emotional triggers from either "external attacks" or "internal tests" cause them to take unacceptable actions that would require damage control.
About Click Armor...
Click Armor, The Employee Cyber Confidence Builder, is a purpose-built platform for developing cyber confidence and proficiency among employees. It uses interactive, immersive exercises and simulations to build a more resilient workforce through a more positive user experience and better metrics.
Start moving your program from low-value, compliance-based training to be more focused on meaningful insights for employees, with targeted, role-based guidance using Click Armor's engaging, interactive content. We can also enable more effective remediation of your known employee security vulnerabilities, to support your Human Risk Management process.
Engagement enables better learning and attitudes
Of course, remediation requires engagement. If employees aren't engaged, they won't learn, and will remain vulnerable.
Click Armor is the interactive security awareness platform that enables fast and easy remediation of cyber security awareness issues. It engages employees like nothing you've seen before, helping them learn, retain knowledge and improve resilience to attacks.
Why is it more effective?
After 15 years of teaching security awareness, including running large-scale live "phishing tests" on my customers' employees, I observed how people will use any excuse to "disengage" from awareness training. So, we created Click Armor to keep employees focused on learning, with a more rewarding and relevant experience.
Imagine how your security culture could be improved if YOU (or one of your team's top executives) could be the central character in your interactive security awareness training experience?
Find out how you can improve your team's cyber confidence while getting more employees through compliance training faster, strengthening your organization's security culture, and helping staff more effectively avoid phishing and social engineering attacks that target human vulnerabilities.
Make sure you are using the right tools to build a cyber confident culture, with a strong, positive and inclusive security training program.
If you'd like to see a quick demonstration of how Click Armor can be a key part of your human risk management program, check out this narrated video HERE.
Visit the Click Armor website at: https://www.clickarmor.ca