Corey Skadburg, COO of cybersecurity training firm BrightWise, has released a white paper on the vulnerability employees pose to credit unions under attack from cybercriminals.
“More connected than ever before, the modern workforce appears to a cybercriminal the way a screen door appears to a neighborhood burglar,” Skadburg writes in the paper, “The Human Exploit: A Cybercriminal’s Smoothest Pathway In.”
Four threats targeting unsuspecting employees are addressed in the paper: Social engineering paired with phishing scams, ransomware, credential stuffing and mobile malware. The tactics that cybercrooks use to deploy each of the scams, as well as resulting costs for employers when staff fall victim to them, are described in the paper.
In addition to outlining some of the more common scams targeting employees, Skadburg offers four simple, cost-effective activities credit unions may consider for boosting employee awareness of cyberthreats:
Build a gamified leaderboard. Names of employees who do well in the training games are displayed alongside emoji-esque trophies and other digital carrots that show off their status as stand-out employees.
Train and track with on-demand content. On-demand training resources allow employees to flex awareness activities around their other obligations.
Host after-hours social events. Trivia night or another competitive activity teaches through fun.
Bait the hook and let it fly. Credit unions can deploy a few test phishing campaigns themselves, such as sending out a series of emails with subtle red flags or dropping a few USB thumb drives in common areas.
“Employee negligence is one of the biggest cybersecurity risks to U.S. businesses,” writes Skadburg. “All it takes is one mistake by an employee in the building, or another working remotely, to let the bad guys in. Often, employees don’t even realize they are engaging in risky behaviors. Leadership owes it to their members, boards and the employees themselves to invest in properly training the frontline for the inevitable cyberattack coming their way.”
Credit union leaders can download the white paper, “The Human Exploit: A Cybercriminal’s Smoothest Pathway In,” at https://www.