You can’t protect yourself from threats until you don’t understand them! Though malware and phishing are quite common terms, the dynamics of these cyber-attacks are little known. The age of high interconnectivity and digitization has made our lives easier but has given rise to these attacks as we pay no mind while exposing our data to unidentified individuals.
Given this, in 2018 alone there were around 765 million people affected in April, May, and June only- with losses surpassing tens of millions of dollars.
Even Jeff Bezos, Amazon’s founder & CEO, had his phone hacked in 2018 after a WhatsApp message (malicious file) was opened which led to a massive and unauthorized exfiltration of data from his phone, continuing and escalating for months’ hours after the file was sent. This deterrent example was an eye-opener for all - implying that anybody can be at risk!
In view of this, Srijan Technologies organized a Training & Awareness Session on Information Security for its employees, led by our CISO, Rudra Pratap Singh. The intent was to enlighten employees on International Standards Organization (ISO) standards that the company has formulated to protect its technology and information assets, do’s and don’ts, and best practices to be followed while responding to threats, both internal and external.
The session shed light on various threats such as malicious code, computer hacking, phishing, trojan horses, and denial-of-service attacks that have become more common, ambitious and sophisticated - thereby ensuring that employees stay aware, sensitized, and alert about any suspicious activities, and also enforce information security policies to minimize the risk.
The one-hour session also illustrated examples of many large-scale industries that succumbed to the cyber-attacks, like “Yahoo said its 3 million users’ account details have been compromised”, making it the biggest data theft in the history. Similarly, giant companies like Adobe, Uber, Marriott International and JP Morgan Chase made easy targets for attackers.
Bringing the session to an end, there were guidelines outlined for employees which they should abide by no matter what, like -
- Keep their systems locked
- Get creative with your password and don’t reveal it
- Back up all critical information
- Blow the whistle to higher authorities immediately whenever you see peculiar activities
- Don’t discuss confidential information in the public area
- Avoid using any unauthorized site, and
- Don’t bring any guest/visitors to the office premises
- Don’t open email attachments unless you are expecting it from a trustworthy source
- Ensure that you have a good firewall or pop-up blocker installed.
- Always use a secure browser to do transactions
- Delete temp files, cookies, history, saved passwords, etc. frequently
- Don’t use CD/ USB Drive, Modem unless authorized
Effective security is not one person’s job or responsibility - but it should be corporate culture. Therefore, at Srijan, we take such initiatives to protect our employees from falling prey to such cyber-attacks, both personally and professionally. After all - Prevention is always better than cure!