Every October, we celebrate National Cybsersecurity Awareness Month (NCSAM). This NCSAM, the five weeks of October are focused on five separate cybersecurity themes: simple steps to online safety, cybersecurity in the workplace, prediction for tomorrow's internet, consider a career in cybersecurity, and critical infrastructure. Cybersecurity still seems like a foreign and daunting subject for many businesses. Cybersecurity, however, is an increasingly important topic for everyone to understand, and NCSAM is the perfect opportunity learn.
At Cisco, we love NCSAM! As cybersecurity experts, we are here to help provide awareness to both businesses and individuals. Cybersecurity is not just for businesses. Everyone who connects to the internet of things needs to be aware of cybersecurity. For this reason, week one of NCSAM focuses on simple steps to online safety. While there are many steps individuals can take, we want to prioritize email security. More specifically, individuals need to understand the dangers of phishing attacks.
What is Phishing?
Phishing is the malicious practice of sending fraudulent communications that appear to come from a reputable source with the intent to steal sensitive data or install malware. It is usually done through email. These attackers are very clever. Sophisticated social engineering attacks can look identical to emails that users frequently receive from their banks, employers, etc. Within a phishing email, there will be a call-to-action to click a link or provide credentials. Simply clicking the link can authorize the installation of malware.
How do I defend myself?
Typically, email security requires two components: a multi-layered threat defense and user education. For businesses, they may have thousands of users capable of falling for a phishing attack. Businesses can invest in multi-layered solutions. A sophisticated email security solution paired with advanced malware protection (AMP) and ransomware defense measures can protect them. For individuals looking for security at home, they probably cannot go buy commercial grade solutions. Educating themselves on phishing, however, can go a long way in protecting their devices from theft.
Here are a few tips for individuals that are concerned:
Always be ready
For individuals, these simple steps can help protect you. They are not a complete solution, but they are helpful. Continue to learn about practices that can increase the cybersecurity of your household. If you have additional questions, reach out to a security professional.
For businesses, educate your employees on simple tips like these. Just know these are not sufficient for a business. Even small businesses have numerous more access points to their network. The attack surface of a business is much greater than a home, so businesses must deploy a multi-layered threat defense. With Cisco Advanced Phishing Protection, you can stop identity deception based attacks such as social engineering, forged email, and business email compromise. Combined with Cisco Talos threat intelligence, Cisco Advanced Phishing Protection uses advanced machine learning techniques to bring trust to your organization's inboxes.
Learn more about how to protect your business from phishing attacks by going to www.cisco.com/go/emailsecurity and check out the Cisco Data Protection Phishing Infographic.