Cybersecurity Awareness Month – Week 1


Password, password, password

It sounds like a broken record, but a strong password is critical to ensure that hackers cannot easily break into a software tool.

A good policy is to change passwords every 30 days.

Worst passwords of 2016


Lock your computer when you’re away from your desk

If you are working with sensitive information, don’t leave this open to chance. A rogue employee could exploit an open laptop by quickly copying information onto a USB key. Use the “Windows Key + L” shortcut to lock your screen.

BC Government has some good tips for companies


Be vigilant of Social Engineering

Treat the office like your home. If there are people wandering around the office that you are not too familiar with, stop them, say hi, and figure out who they are.

Social engineering is on the rise and is much bigger than ever. Scammers are trying any means possible to break in and access the crown jewels.

Companies are paying for specialist Ethical Social Engineers to test both physical security and network security.


Phishing Emails

The No 1 threat to organisations today… without fail!

Employees must be conscious of suspicious emails and employ a “think before you click” mindset.

How to train employees for phishing attacks


Engage, Educate, Train

Employees need to be trained to break habits, so they become more vigilant, more secure, and think safety first.

You do not want to be the next Equifax

Give the onus to employees for training their staff, rather than having management implement the cybersecurity awareness policy. This has worked well for large companies like Salesforce and Adobe. Read about it in the Wall Street Journal piece on a Better Way to Teach Cybersecurity to Workers.


In Week 2, we’ll talk about systems and locking down access.