One overlooked side-effect of the GDPR (General Data Protection Regulation) is the extent to which data privacy and information security have become widely discussed.
Thousands upon thousands of emails were sent in the couple of weeks leading up to the GDPR’s 25 May deadline, informing people about the Regulation and what companies were doing to become compliant. Although many of those emails weren’t actually necessary, they certainly encouraged the public to take more of an interest.
I’m in no way an expert on the GDPR or information security but, as I work for an organisation that specialises in both, my friends often come to me about anything privacy and security related. For example, the below screenshot shows a friend asking me about a suspicious link.
That link ended up sparking a discussion in my friend’s office about phishing. I’ve also noticed similar discussions between my friends, passers-by, news segments etc.
Discussion is good
Having your staff regularly discuss phishing attacks is actually a very good defence, as it ensures they keep phishing on their minds and educate each other about methods of discovery.
Another way of raising staff awareness of phishing is putting up posters in your office to remind people about phishing attacks and what they can do to spot them.
In the video below, you’ll see not only an Oscar-worthy performance from my eyebrows but also what the posters can do when a potential breach is on the cards…
You can buy a set of posters for your office for just £35. The cost of a data breach is significantly higher than that…