LTC Scott C. Scheidt (RET), Director, Cybersecurity Workforce Education Center at Savannah Technical College spoke at the Nov. 19, Liberty County Chamber of Commerce’s Progress through People Luncheon on the importance of cybersecurity in the workplace.
Scheidt said that his experience as a former Georgia National Guard Intelligence Officer exposed him to the hidden world of Cybersecurity and the Dark Web. He said the field of Cybersecurity is still in its infancy and much more work needs to be done to secure organizational networks in the workforce.
Scheidt said workplace cybersecurity was thrust to the forefront thanks to the coronavirus, which forced companies to send employees home and work remotely.
“We all had to respond to the world differently around March and April of this year,” he said. “One of the things that we teach our students in cybersecurity class is how to develop and build a business continuity plan and a disaster recovery plan.”
Schedit said many organizations and even certain municipalities don’t have a plan in place which focuses on cyberthreats and security for remote employees.
“When we reach out to our workers and tell them to work remotely your organizational data is now flowing through people’s houses,” he said. “It’s flowing through their personal cell phones. Its flowing through their personal WiFi at home.”
Scheidt added that organizations need to add language to their business plans to include how they would stop or lessen the threat of malware and viruses which could cripple an organization due to an increased data and cyber footprint from remote workers.
He said organizations should provide workplace computers and smart phones that can connect back to the company via a virtual private network (VPN).
“In your plans you are going to need to have something in there about how you are going to store and manage your data in a remote workplace,” he said.
He also noted that remote workers need to be more vigilant with their emails.
“The biggest threat to our network is the wet-ware that is controlling it,” Scheidt said. “We have hardware and software in the computer. The wet-ware? well look in the mirror, we are the wet-ware. All the water between our ears that is dealing with the network.”
Scheidt said a newly discovered cyber threat is called an email appender.
According to Gemini Advisory, an email appender implants emails directly into a target mailbox. This allows attackers to put malware-infected or tailored phishing emails into victims’ mailboxes without actually sending the email, thereby bypassing email security platforms that inspect messages en-route to their destination mail server. This new tool poses a significant risk to both individuals and businesses as it raises the success rate of malware attacks, allows for more sophisticated phishing and business email compromise (BEC) campaigns, and opens the door for simplistic ransomware-like attacks.
Scheidt said employees should never open email attachments from organizations they are not familiar with. If an employee is unsure whether the email is legitimate, they should forward it to their Information Technology department for determination.
Scheidt said organizations should also consider writing policies or protocols regarding workplace practices and standards when forced to work from home.
“Employers should spell out if the employees are required to be logged in at specific times or days,” he said. “We are not necessarily working from 9 to 5 from home. Because our kids are home. Or we may have other family members at home. So, we end working whenever we have time, and it might be at night while others got to sleep. So, should you establish a work practice standard? I don’t believe it needs to be rigid in order to be productive but without a set of guidelines employees don’t know their expectations. Do you need something to hold the remote work employee accountable? And, from an HR point of view, is it legal?”
Scheidt offered a website where people could check to see if their emails have been compromised. To check your email go to: https://haveibeenpwned.com/