Here we have another good example of why good security awareness training is so important. Cybercriminals are very quick to take advantage of the latest news to increase the chances of success in their phishing attacks. Does your security awareness training adequately cover this? Do your users understand not to click on those links in unsolicited emails, Facebook pages, etc.?
And another example…
When there’s significant news, such as the recent death of singer/songwriter Amy Winehouse or the attacks in Norway, it may be a good time to send a reminder to employees about these types of attacks. And for those of you needing to comply with security standards such as the PCI DSS, this will also support the requirement for ongoing security awareness training.
Jeremy Simon, PCI QSA, CISSP, CISA
Practice Lead, PCI Compliance Services