It is important for an organisation to make sure that all collaborators, whether internal or external, are aware of the cyber risks and threats they might face and of the behaviours to adopt when encountering a suspicious activity.
The collaborators of an organisation are the first line of defence when it comes to cybersecurity. Their education on that topic is one of the most important parts of building the organisation’s security resilience: by being able to identify a phishing attempt and avoid it, or by reporting any suspicious event, collaborators greatly contribute to your organisation’s safety. Given the consequences an incident, even a minor one, can have on an organisation’s finances, operations and image, the importance of raising collaborators’ awareness of security cannot be overlooked.
Building a communication and awareness plan that includes campaigns and informative sessions on different cyber topics, including current threats and advice, ensures that collaborators always keep security in mind. The different topics that can be included in this plan, with practical details to share, are developed below in ‘Cybersecurity threats and advice to share with collaborators’. The content of the trainings should highlight the role the human factor plays in cyber-attacks (e.g., fraud attempts, phishing, CEO fraud, installation of malware, etc.) and involve the right people (e.g., CEO fraud training for people responsible for payments, mobile device risks and best practices for collaborators with organisation mobile phones, etc.).
Proactivity is one of the key elements in preventing an incident from happening. The plan should define the topics to be included, the format (e.g., e-learning, exercise, intranet messages, email messages, etc.), the objectives to attain, the audience and the timing (e.g., weekly, monthly, every three months, etc.). Training and communication should be targeted at the risks collaborators are facing. To assess the efficiency of the trainings, evaluations can be included in the form of tests. And to make the training more interactive, quizzes can also be included. For example, you can invite your collaborators to take our phishing test on https://www.safeonweb.be/en/quiz/phishing-test.
In addition to proactivity, repetition is also important. Awareness messages should be repeated at regular intervals to maintain awareness or enhance it on specific aspects. The organisation should use an open communication culture, not a blaming one, so that information about attempted cyberattacks is shared efficiently.
If an organisation already has internal policies, procedures or best practices in place, it is important to share the key recommendations and guidelines they contain with collaborators. This way, they can all be aware of the intended behaviour. When communicating on policies, procedures and best practices, make sure to always stay concrete and practical and underline key messages such as ‘What is it?’, ‘Why is it important?’ or ‘What’s in it for us?’.
Your organisation has no policies in place already? Several policy templates are available on our platform to help organisations build internal procedures.
Involving top management and boards in this communication is necessary and helps show the importance an organisation gives to information security. Every collaborator should be part of the communication, no matter their role in the organisation.
Once collaborators know what to do when facing a cyber threat or incident, they also need to know how they can report any undesirable event they might witness. Raising collaborators’ awareness on security should also include communications on the necessity to notify something unusual they find or see in the offices, on their workstations, on their mobile devices, or on the network. Collaborators need to know when, how, and to whom they can reach out to notify a potential incident.
Our incident management policy template can help organisations define an effective incident management process, including the reporting part.
The threat landscape is constantly expanding. There are many common cybersecurity threats organisations are facing nowadays that collaborators need to be aware of and know how to react to:
Through the use of fake emails or phone calls, cybercriminals try to collect personal or professional information they can use to make a profit. Stay vigilant about potential scam or malicious messages and report any suspected phishing attempt to suspect@safeonweb.be.
For more recommendations on phishing, visit our dedicated article.
By installing malware on one or more of the organisation’s resources, cybercriminals block access to systems and information, which they offer to give back in exchange for a payment. Stay vigilant about potential malicious messages and ensure that your systems are updated, backed up and protected by an antivirus.
For more recommendations on ransomware, visit our dedicated article.
Cybercriminals gain unauthorised access to a website’s configuration and data and use it for malicious purposes (e.g., launching other attacks, accessing sensitive information, etc.) from which they profit. Some steps you can take to prevent your website from getting hacked are to protect all access to your content management system and to keep all your components updated.
For more recommendations on website hacking, visit our dedicated article.
Cybercriminals modify and/or replace the initial content displayed on a website to share a message or disrupt operations. Pay attention to any change made to your organisation’s website and report it as soon as possible.
For more recommendations on website defacement, visit our dedicated article.
A Distributed Denial of Service attack aims at disrupting the usual operations of an organisation’s web host or server by overloading an internet server with an enormous number of page requests. You can mitigate DDoS attacks by implementing, amongst others, a firewall and Multi-Factor Authentication for access. Multi-Factor Authentication requires a user to provide at least two different methods (e.g., password and PIN code, PIN code and a code received via text) to verify their identity before they are granted access to the resource they are trying to reach.
For more recommendations on DDoS, visit our dedicated article.
A virus is malicious code that can harm a device and the data it contains, either to steal data, encrypt it and request a payment, or make the device unavailable. One of the main controls to protect against computer viruses is to have an antivirus solution installed on all devices and make sure to keep it up-to-date.
For more recommendations on viruses, visit our dedicated article.
An unauthorised individual gets access to an account and all the information it contains to use them for malicious purposes, such as stealing data. To make sure an account doesn’t get hacked, set up strong passwords by combining upper and lower case letters, symbols and numbers. In addition, Multi-Factor Authentication should be implemented wherever possible.
For more recommendations on account hacking, visit our dedicated article.
By impersonating a CEO, cybercriminals reach out to collaborators and try to convince them to execute a payment or provide confidential information. Establish clear procedures on wire transfers and clear guidelines on information sharing to make sure collaborators don’t respond to the requests of cybercriminals carrying out a CEO fraud attack.
For more recommendations on CEO fraud, visit our dedicated article.
Through persuasion, threats or any other form of pressure, cybercriminals try to convince collaborators that they either need to execute an unplanned and urgent transfer or give away confidential information and/or internal procedures on how to execute a payment. As for CEO fraud, establish clear procedures on wire transfers and clear guidelines on information sharing to make sure collaborators don’t respond to cybercriminals’ requests.
For more recommendations on fake wire transfer, visit our dedicated article on LINK.
By impersonating technical support, cybercriminals try to convince collaborators that their device needs technical assistance for which they should pay or provide confidential information. Make sure to inform collaborators about this type of scam and to share some tips and tricks to stay protected, e.g., watching where they surf, downloading updates from official websites and keeping all devices up-to-date.
For more recommendations on fake technical support, visit our dedicated article.
By sending unsolicited messages to a large number of collaborators, cybercriminals try to carry out phishing, spread malware or steal confidential information. Stay vigilant about potential scams and report all scams you receive to suspect@safeonweb.be.
For more recommendations on spam, visit our dedicated article.
In addition to educating collaborators on the threats they are facing, organisations can also give them best practices and advice to adopt so that they do not fall for a cyber-attack:
Strong passwords are built by combining upper and lower case letters, numbers and symbols. They should be complemented, when possible, with Multi-Factor Authentication, which requires a user to provide at least two different methods (e.g., password and PIN code, PIN code and a code received via text) to verify their identity before they are granted access to the resource they are trying to reach. Finally, password managers help manage several passwords by storing them safely.
For more recommendations on passwords, visit our dedicated article.
Several cyber threats can be encountered on social media, such as phishing, account hacking or malware. Collaborators can protect their information by using Multi-Factor Authentication and strong passwords.
For more recommendations on social media security, visit our dedicated article.
It is important to separate professional and personal usage by differentiating chat services, passwords and backup services.
For more recommendations on differentiating professional and personal usage, visit our dedicated article.
Anyone can access a public Wi-Fi network. Its use should be restricted to when it is necessary, and a Virtual Private Network, a solution that encrypts and hides internet traffic from whoever might be trying to “listen” to the data being transmitted, should be used.
The legitimacy of a website can be determined by checking that the address is the real one, checking its reputation and assessing the payment method to see if it seems odd (e.g., payment through a parcel or transport organisation).
To ensure working from home is done in a safe way, the devices and data should be secured by restricting and protecting their access.
For more recommendations on securing homeworking, visit our dedicated article.
Mobile devices also contain personal and/or professional information and should be secured accordingly by establishing a strong password or PIN code to access them, keeping them up-to-date and backing up all the important data.
For more recommendations on mobile device security, visit our dedicated article.
The most valuable information should be identified and backed up accordingly to ensure its availability in case of an incident.
For more recommendations on backups, visit our dedicated article.
Keeping all resources updated ensures that they have all the security enhancements needed. Those updates should be downloaded only via official websites.
For more recommendations on updates, visit our dedicated article.
The right type of antivirus is picked based on what needs to be protected, the features it offers and how much expertise is needed to manage it. An antivirus needs to be updated whenever possible to ensure its efficiency.
For more recommendations on antivirus, visit our dedicated article.
The aim of this content is to share and raise awareness of good cyber security practice.
Some of this advice may apply differently depending on the context of your organisation.
Always comply with the policy and instructions in force in your organisation.
If in doubt, always ask your IT manager for advice first.