We are in the final stages of preparing July's NoticeBored awareness materials on "Workplace information security". Six cool new poster designs have come in from the art department so the staff/general employee stream is practically finished, aside from proofreading. We're working hard to complete the management and professional briefings and tying up a couple of loose ends, leaving just the newsletter left to prepare, right on cue. As usual, we've left it to the very end of the month to make the newsletter, and in fact the whole module, as topical as humanly possible.
The latest ransomware outbreak all over the news this week is a classic illustration of the value of the NoticeBored approach to security awareness.
We've covered malware at least once a year since 2003, several times in fact since malware often crops up in awareness modules covering related topics such as social engineering, identity theft, phishing, fraud, email security and cybertage. Every time through the hoop, we endeavor to pick up on emerging risks and new trends ...
I've just done a quick search of the NoticeBored Back Catalog. We first brought up ransomware way back in 2012, mentioning it in several awareness materials. It may be in the headlines now, but it's old news for us and our subscribers.
Here's an extract from the NoticeBored staff briefing on viruses delivered in February 2012:
Ransomware was an obscure issue when it first came to our notice, a risk that has grown steadily until today it is patently substantial - a real and present danger as they say. Because of that it's easy to catch people's eyes with awareness content on ransomware today, and that's great because there are clearly still organizations and individuals who have yet to get the message, unfortunately. So, in March this year, our annual malware awareness update focused almost exclusively on ransomware, an entire module dedicated to ramsomwareness.
Having said that, awareness of current risks and incidents is, in many ways, too late: employees and their employers need to be pre-warned so they have the chance to consider and address the risks before they get hit. I've said it before: forewarned is forearmed.
In the hope that it's not already too late for you, here's a freebie, a taster, with our compliments: a one-page 'scam alert' on ransomware from the March 2017 module.
If you are still running around desperately trying to cobble something together to get the word out to your employees about ransomware, or worse still simply too busy to do anything at all on this topic, we can help.
We have more than 50 Mb of top-quality security awareness content on ransomware ready-to-roll, today:
There are seminar slide decks, posters, briefings, an FAQ, a test, a glossary and more - a smorgasbord of ransomwareness content from which to serve up a tasty meal for your organization. Aside from the general employee awareness stuff, there is a stream of content written specifically for management (e.g. a model policy and metrics), and another more technical stream for professionals. It's all customer-editable, so you are very welcome to adapt it to your particular circumstances and corporate comms style. No need to pay somone else a small fortune to customize it for you, do it yourself.
Email me, now, before it's too late!
PS What are you doing to raise awareness on workplace information security? Is it even on your risk-radar, let alone your to-do list?