Fortune reported: "Each fall, Facebook hosts an event called Hacktober in which its security experts attempt to trick employees into falling for common hacking tricks such as phishing scams, in which malicious actors send emails that mimic genuine versions to dupe people into giving up confidential information.
"During the event, Facebook’s security team also scatters around the company’s offices USB sticks and other media labeled “confidential” in order to see which employees are duped into inserting them in their computers, Henley explained. (Through these devices, hackers can penetrate into the company’s infrastructure.)
Hacktober’s aim is to “stage scenarios to spark employee awareness,” Henley said, so that employees remain wary of security threats. For Facebook, it’s all about creating a company culture that values security in order to offset the chances of getting breached." Full article.
A very good initiative! But only one month a year is not enough. Sending simulated phishing attacks needs to be done year round to keep employees on their toes with security top of mind. Continuous training against social engineering is a must these days. Find how how affordable effective security awareness training is for your organization today.
