ComputerWorld in Australia reported on a very nice success where security awareness training prevented a major ransomware infection. They started out with: "People like to ask the security manager, "What keeps you up at night?" My usual answer: "Employees." And there's good reason. About 95% of the security incidents my department responds to are a result of an employee doing the wrong thing, whether it's clicking on an evil link within an email, installing a malicious program or sending a sensitive document outside the company.
Trouble Ticket
At issue: An employee's files are all encrypted after she clicks on a ransomware link.
Action plan: Get the files back, make sure no one else fell victim, and find out how that ever got through the email filters.
A director in the sales organization gets a lot of emails that contain faxes (or links to faxes held by a third-party fax service) from customers. The faxes might be purchase orders, contracts or other business-related documents. This sales director isn't directly responsible for any of those things, so he simply passes the emails on to the people who are. At some point, though, he grew tired of all that forwarding, so he started auto-forwarding all emails containing the word "fax" in the subject line to predefined distribution lists. And that was working out just fine -- until last week.... Read the rest of the story here: