Be Prepared for this Cybersecurity Event
HOW TO PREVENT PHISHING ATTACKS:
- Implement an awareness and training program for staff
- Place interval controls to prevent any one person from having unrestricted, unmonitored information
- Institute policies forbidding the transfer of financial assets and personal information unless accompanied by verbal or in-person confirmation from stakeholders
- Use caution with unsolicited calls or emails from anyone asking for internal information
- Use anti-virus software, firewalls, and spam filters as directed by IT staff
- Use complex passwords at least eight characters long, including letters, numbers, and special characters (!, #, @, $, etc.)
IF YOU ACCIDENTIALLY CLICK A PHISHING LINK BUT AREN’T SURE OF INFECTION:
- Immediately contact management and your network administrators
- Isolate your computer from your district’s network
- From a separate computer, change your passwords that grant access to systems
- Refer to IT administrators to determine if an infection has actually occurred
- Notify your insurer
- CSD Pool members should visit eRisk Hub’s Incident Roadmap to determine if the event is a real incident
IF YOU WERE SUCCESSFULLY PHISHED OR A VICTIM OF SOCIAL ENGINEERING:
- Immediately contact management and your network administrators
- Secure all network logs, audits, notes, and any other documentation on the incident
- Notify your insurer
- Contact law enforcement and legal counsel for assistance
- If necessary, prepare notifications to any customers or employees whose information has been compromised and obtain credit monitoring services on their behalf
Click here to order your copy today.
