A Free Covid-19 Cyber Awareness Email Template
Since the end of February, phishing emails have spiked by over 600% as cyber attackers look to capitalize on the stress and uncertainty generated by the Covid-19 pandemic.
The attackers behind these malicious emails typically pose as a trusted organization or a legitimate source (i.e., World Health Organization (WHO), the Centers for Disease Controls (CDC), government agencies, banks, coworkers, etc.) who claim to have information regarding Covid-19 such as the latest statistics, advice for staying healthy, refunds for event cancellations, and information regarding government support packages and stimulus checks. If successful, these types of attacks can compromise credentials, personal and corporate data, and critical systems and open the door to a wide array of corporate fraud.
Covid-19 has already forced many organizations to quickly transition to a fully remote workforce, which has created new security and privacy risks. Since anyone can be a target for a Covid-19-tailored attack, it is important to ensure your employees are prepared to recognize these phishing schemes.
3 Key Risks Threatening Cloud Security in 2020
For years now, organizations have resisted moving key enterprise systems to the cloud because of their concerns around cloud security. However, the idea that cloud offerings like IaaS, SaaS, and PaaS lack strong security controls is myth. In fact, Gartner posits that public cloud service providers (CSPs) are even more secure than traditional in-house implementations. Instead of tailoring their products to organizational structures, applications, policies, and politics, cloud products are designed to meet rigorous security standards like ISO 27001, SOC 2, and FedRAMP.
But while these products are often built with strong security controls, human configuration of these tools still creates risk. Gartner estimates that 99% of cloud security failures through 2025 will be customers’ fault. Customizing cloud systems and applications – a necessary step for many integrations – alters the security of the product, exposing organizations to new risks, if not managed properly.
The first step in assessing and managing cloud security is evaluating the tools (e.g., automation scripts, APIs, third parties, VPCs) that are used to generate and provide cloud resources to your users. In this post, we’ll look at the three most critical cloud security risks facing businesses today and how to address them.