On the occasion of Safer Internet Day 2021, TECHx goes one-on-one with Morey Haber, CTO & CISO – Beyond Trust to discuss current cyber threats for businesses, remote working scenarios – and risks on social media.
TECHx: In the context of Safer Internet Day, what are the internet-based threats most important for businesses to be aware of in 2021?
Morey: In the context of Safer Internet Day, the most important internet-based threats businesses need to be aware of in 2021 are:
- Phishing attacks, not only via email but also via voice and text, targeting individuals with social engineering based on their job roles and responsibilities
- Vulnerabilities affecting users working from home including insecure home WiFi, end of life internet connected devices and connect-to-home networks
- Attacks on the vendor supply-chain affecting product updates and third-party solutions that are not managed directly by the business
- Excessive administrative privileges granted to users in order to perform their job functions inside and out of the office. These are prime targets for threat actors to hijack in an attack since they can easily grant them unrestricted access to sensitive resources.
TECHx: With the rise of social media, how can we nurture and increase public awareness on cybersecurity, so that people become more responsible when using technology and digital gadgets.
Morey: With the rise of social media, responsible usage requires individuals to change their behavior when it comes to how they share, read, and consume information that is factual versus laden with lies, fake news, and potential conspiracy theories.
First off, you should not believe everything you see online. Nation states, malicious actors, and individuals with latent mental illness can post outrageous stories to attract individuals into civil unrest and ridiculous conspiracy theories. You need to adopt the business practice of “trust but verify” with all of social media. You may or may not trust the individual that posts a story but, in the end, it is up to you research the story and verify the contents.
Second, just because a story shows up on multiple feeds, does not make it true either — it might simply be the case that many others are not verifying the story and maybe sharing it without regard to the truth.
Finally, with social media being available on almost every device, the importance to use sound judgment in posting content is key to ensure it is not a malpresentation of the fakes or could lead to the wrong conclusions.
TECHx: On the occasion of Safer Internet Day 2021, give us some tips on how to stay safe on the internet in today’s remote working scenario.
Morey: For most of us that fall in the work-from-home category, staying safe at home requires more than just being vigilant about how we use technology. The human factor is just as important and burnout is a real thing. To that end, from a management perspective, there are a few lessons I’ve learned that can help mitigate the threat of burnout.
To be fair, these are not all my ideas. I have spoken with many of my peers, and they have offered these solutions to combat work-from-home burnout. Sharing the best ones, unfortunately, has not coalesced outside individual executive teams and close-knit management circles. Burnout has become a very real problem, and documenting my experience and conversations with others feels like the right thing to do as we all manage through this pandemic together.
Set clear boundaries.
Consider establishing simple rules of engagement for remote employees. This can include:
- Establishing acceptable hours for videoconference calls.
- Requesting that all employees’ cameras are enabled for videoconferencing.
- Requesting emails be sent only during business hours and make after-hour emails for emergencies only.
- Providing flexibility for home-schooling or other personal requirements that do not burn into employee vacation or PTO.
Give your employees the technology they need.
If your budget allows, you can also accelerate their laptop refreshment cycle to ensure all your employees have the best technology possible when working from home. Employees with good equipment generally are less frustrated and feel more valued when given the best equipment their companies can offer.
Break up the work week.
Breaking up the work-from-home monotony is essential without water cooler chitchat or upcoming travel on the calendar to break up the routine. Here are a few ways you can add some variety to the workweek:
- Determine one day a week for employees to catch up on work. For example, establish “No Meeting Thursdays.”
- Schedule virtual events to replicate normal office celebrations, such as work anniversaries, retirement, birthdays, etc
- Switch to a flexible four-day workweek of 10 hours each day. Odds are, many remote employees are already putting in 10 hours a day at home anyway.
- If funds are available, periodically reward employees using home delivery services for food or swag. Employees who would frequently go out to lunch are feeling social distress by not having this activity as a part of their work routine.
- Do not forget to ask or require employees to take vacation time. It may be a staycation, but everyone needs some downtime from the endless cycle.
Revamp your HR.
An effective human resources department is vital to fighting burnout. They can embrace the health care plans for your employees and send reminders to make sure everyone is aware and feel comfortable contacting any mental health services you provide. New employees can be especially overwhelmed by the lack of person-to-person contact when onboarding in a remote setting, and self-doubt can set in. Some successful organizations have established the following additional onboarding operating procedures to ensure the process is productive:
- Establish a regular cadence of peer communications via email and videoconferencing to establish a comfort level and inclusion with their new team.
- Establish a mentorship program for the new hire outside of their hiring manager to provide inclusion within the larger organization.
- Ensure HR, IT and key personnel establish regular touchpoints with the new hire to gauge whether there are any issues.
- Create and maintain an ombudsman deck for new hires to help answer business questions that would normally be handled by in-person office staff.