“Is Die Hard a Christmas movie?” At every holiday party, without fail, someone’s going to throw that question your way. And whether you’re willing to argue about it like your life depends on it or just think to yourself, “Ugh, not this again,” it’s all part of the season’s charm. It’s the kind of debate that loosens you up and makes you forget there are real bad guys out there—not just in Nakatomi Plaza—who want to destroy your holiday cheer.
This is the time of year when you’re busy getting festive. Unfortunately, hackers are getting busy, too. As October comes to a close and we say farewell to Cybersecurity Awareness Month, we cannot say farewell to cybersecurity best practices. In fact, while we bring out the sweaters from storage, cyberattacks are only heating up. So, don’t get too comfortable just yet, because while you’re eager to take some time off, knock back hot cider, and shop online, hackers are doing everything but taking PTO.
The Holiday Season Is Open Season for Phishing Scams
The holiday season is prime time for cybercriminals who know your organization is full of employees whose minds are roaming elsewhere, thinking of vacations, presents, and parties. Simply put, you and your colleagues may be distracted, but your inboxes will remain busy.
Fake shipping emails, bogus charity drives, and shady gift card promos—cybercriminals expect you to have your guard down. And with major elections nearing, political donation scams are also on the rise. All it takes is one careless click, and the hackers are in. If you thought phishing was bad throughout the year, wait until voting- and holiday-themed messages attack.
Pro tip: Train your team to spot the nonsense. If it seems too good to be true, it probably is. Keep that security awareness training going—especially when your employees’ inboxes get flooded with those “unbeatable” holiday deals. Make sure they double-check email addresses, scrutinize links, and verify every "urgent" request before clicking.
Save Your Money for Gifts, Not Ransoms
With phishing on the rise, the holiday season also comes with a spike in ransomware and data breaches. Hackers know you and everyone across your organization have a lot going on. They’re actually counting on you being too busy with online sales, year-end reports, or 24-hour movie marathons to notice they’ve wormed their way in.
Pro tip: Double-check your cybersecurity defenses. Now’s the time to reinforce your firewalls, lock down those endpoints, and make sure your EDR solution is fully up to date. Don’t wait until New Year’s morning to make those security upgrades—start now.
Connect with Friends and Family, Not Unsecured Connections
If you or your colleagues travel this season, you’ll all log in from multiple locations. Unsecured WiFi at the local coffee shop or shared family computers in your childhood bedroom are all easy pickings for hackers. Keep in mind the more remote your workforce, the wider the target.
Pro tip: Remind your team that they must use secure connections only. Make sure they’re using company VPNs, multi-factor authentication (MFA), and strong passwords. And avoid public WiFi at places like the airport, cafe, or mall food court. A little extra caution on the road goes a long way.
Have Your Incident Response Plan in Place
Many of us know one unfortunate truth by now—you can’t always stop a cyberattack. But you can control how you respond to one. If a hacker gets through your systems, be sure to have a solid incident response plan in place. The holiday season is stressful enough, so take action now to remove the guesswork so you’re not left scrambling to figure out who’s in charge if—or when—the unthinkable happens.
Pro tip: Update your incident response plan now. Everyone on your team should be aware of their role, understand how to report suspicious activities, and know the proper steps to take if something goes wrong. A quick, strategic response can mean the difference between a minor glitch and a major crisis.
Wrapping Up for a Secure, Festive Season
Cybersecurity Awareness Month isn’t just 30 days of celebration. It’s a reminder of everything you, your colleagues, and your organization are up against. It sits in October as an excellent lead-in into the holiday season, when the threats start coming at you faster than ever. But with the proper preparation and the right mindset, you can keep your organization safe and secure all year round. The only chaos you should have to endure this season is the long lines at the airport, the ugly sweaters, and debating yet again if Die Hard is a Christmas film (spoiler alert: it is).
Sign Up for Blog Updates
Subscribe today and you’ll be the first to know when new content hits the blog.