Plenty of people are blogging, tweeting and quoting this article from McAfee posted on CNET, and justifiably so – it’s well-timed and contains pertinent information.
If you’re involved in an ongoing process of security awareness training, consider including these topics in your materials – whether it’s a presentation during your November/December staff meetings, or your November/December monthly email messages to your staff, or a set of posters for the staff canteen.
Some of the 12 topics are fairly generic so – if you’re limited for time – I’d recommend that you focus on the 6 that are most relevant to the holiday season:
- Charitable phishing scams.
- Fake invoices from delivery services.
- Holiday e-cards.
- Fake “luxury” jewelry.
- Auction site fraud.
- Christmas carol lyrics.
As #12 of our Best Practices for Security Awareness Training notes, and as recommended by NIST SP 800-50:
Training [should include] the importance of security to the individual’s life outside of work.
Increased awareness of security issues by your staff will help them personally, and will also help to make your organization more secure.