 | Cyber Risk ManagementAs a leader in our organization, |
Managing the ever-present risk requires ongoing effort and diligence. To help keep cyber security top of mind, we’ve put together some important best practices that will ensure you and your staff are able to safeguard valuable information and protect our organization. | |
 |
Device Security Only use secure, authorized devices for work activities and make sure they are protected with a screen lock. |
 |
Social Awareness Be very careful of any personal information you post to your social media accounts like LinkedIn and Twitter. Do not publicly announce your location when you are traveling. This information can easily be harvested and used to target you or our organization. |
 |
Social Engineering Attacks Cyber attackers will tap into widely available personal and behavioral data online to profile high-level individuals like you with access to the systems or information they need. The realistic messages they craft are designed to trick you into providing highly sensitive information (e.g., employee tax forms), opening an infected attachment or clicking on a malicious link. Make sure you and your administrative staff know the indicators of these targeted attacks and always follow our security procedures; they are designed to protect you from targeted attacks like these. |
 |
Password Protection Protect yourself with strong, unique passwords for each of your accounts at work and at home. Keep your personal and work passwords different. Never share your passwords with anyone else and never ask an employee for their password. |
 |
Artificial Intelligence (Al) Awareness Al can capture a recording of your voice and use it to create audio that sounds like you in an effort to impersonate you. Using this, a cyber attackers could attempt to trick your coworkers into taking action. Be cautious of your cyber footprint and remind your teams if something doesn't seem right, say something. |
 |
Smishing Smishing is very similar to a phishing email but is sent via text (likely to your personal device). Remember: Any request for money should be verified through an alternate contact method before complying. Look out for requests that are overly familiar in tone, have spelling or grammatical errors, or have an urgent timeline. Requests for credentials, especially passwords or PINs, or messages that include links to login pages are indicators as well. Finally, be careful about sharing personal information, such as your cellphone number or email on public sites like Linkedin. |
 |
If you think your accounts, your data or any of your devices have been compromised, lost, or stolen, please let Information Security know right away. |
Leading by example is a crucial part of your role and as an executive steward of Information Security. |  |
Our security policies and practices are designed to protect you, our Company and its data assets. Contact Information Security whenever you have questions or concerns. Alerting us to potential issues can help prevent incidents. | |
