Actions
Roll out processes and tools to manage potential phishing emails.
Use this workflow:
- Report
- Analyze
- Remediate
Risk factors
Cybersecurity training educates employees about potential threats and how to identify them. Without a clear process in place to identify and report phishing employees may not know what to do.
- Do they forward the email to their supervisor or IT support?
- Do they delete the email?
- If they do nothing, what happens to other employees who received the same email?
Employees may do something that puts the organization at risk if they do not have a clear process to follow.
Recommendations
Put in place a clearly documented process for employees to report suspected phishing emails to the IT support team.
If you have a high volume of emails reported, consider creating a dedicated team responsible for cybersecurity. This could be a subset of the IT Support team.
Install tools to support the analysis, remediation, and eradication of actual phishing emails.
Related
-
Cybersecurity
Learn about how we’re keeping the County network secure and how you can protect yourself and your business safe too.
-
Cybersecurity newsletter
Read and subscribe to our monthly newsletter, Marin CyberSafe News.
-
Top cybersecurity tips for organizations
Learn how to protect your business or organization from cyberattacks. These cybersecurity tips will help you protect your organization’s information.