The founder of Tech Solidarity, a not-for-profit interested in helping the campaigns of progressive Democrats, has been talking to those campaigns about their email security. He's found things about where they were in 2016, when loose practices enabled the Russian government to romp freely through the emails of the Democratic National Committee and the Clinton presidential campaign.
The problems are familiar: using the same password on all accounts, using accounts known to have been compromised, and practices that continue to render organizations vulnerable to phishing. Campaigns are rushed, depend upon a wide variety of user-supplied devices, and, above all, have no one in charge of security.
Lots of help is on offer, but it's either piecemeal or concentrates on higher end problems like protecting financial data and opposition research. What's missing, Tech Solidarity founder Maciej Ceglowski writes, is what they most need: " specific and positive advice about locking down personal accounts, the digital security equivalent of 'wash your hands, boil your water.'"
He's describing in effect a culture of security. That culture can't be improvised in a week, but any organization can do things to build it, effectively and affordably. It's not a partisan or even a political issue, really. It's a matter of building employee awareness of the threat, and of making good use of interactive, new-school security awareness training to help them resist the social engineering they'll surely encounter. News stories of disasters alone won't motivate people to adopt better security practices, but interactive practice will.
The Washington Post has the story: https://www.washingtonpost.com/outlook/2018/09/04/im-teaching-email-security-democratic-campaigns-its-bad/
The world's largest library of security awareness training content is now just a click away!
In your fight against phishing and ransomware you can now deploy the best-in-class phishing platform combined with the world's largest library of security awareness training content; including 300+ interactive modules, videos, games, posters and newsletters.
Want to see all our great security awareness training content?
It’s easy! You can now get access to our new ModStore Preview Portal to see our full library of security awareness content; you can browse, search by title, category, language or content topics.
The ModStore Preview Includes:
40 e-learning modules
16 compliance modules
83 3-5 min videos
26 interactive security-trivia games
265 pieces of artwork & newsletters
Preview the ModStore Now!
(you'll be pleasantly surprised)