CISO Insights – December 2024

Tips for Keeping the Holidays Cyber Safe

The holiday season is a prime time for cybercriminals to exploit businesses and individuals alike. It’s a time when most of us are distracted with festivities, deadlines and other priorities. We balance year-end tasks with holiday plans, leading to reduced security awareness. This divided attention makes it easier for cybercriminals to succeed in their malicious activities — and it’s working. According to USA Today, the cost of cybercrime could reach a massive $9.5 trillion in 2024.

As you prepare for the holiday season, be sure to remain cautious and aware of cyberactivity, and enjoy this seasonal poem.

T’was the night before Christmas, the eve crisp and clear,
When a strange scheme was brewing, a plot to cause fear.
An email was sent with the utmost deceit,
Promising gifts, the kind none could defeat.

But unseen by the eyes of the humans below,
Were reindeer preparing, their antlers aglow.
For Dasher and Dancer had caught wind of the scheme,
And rallied their friends to upend the regime.

On Comet, on Cupid, through cyberspace they pranced,
With prancing and dancing, their hooves lightly danced.
They reached through the networks, the wires and the air,
To stop this foul phishing with swift, reindeer flair.

They tapped on the keyboards with hoof-tapping might,
Decrypting the codes in the still of the night.
With prancing precision and blitzing delight,
They foiled the plot, saving Christmas Eve night.

Come morning, the people awoke safe and sound,
The reindeer had triumphed, their praises renowned.
So, when facing such dangers, remember the cheer,
For reindeer are heroes, this festive frontier.

Unfortunately, we don’t have reindeer protecting Houston Methodist from malicious activities, but we do have you. You play a critical role in our cybersecurity plan, especially during the holidays. Be vigilant at work and at home, and pay close attention to socially engineered cyberattacks, such as:

• Phishing: Attempts to steal your sensitive information (e.g., usernames, passwords, credit card numbers, etc.) with fake emails or websites.

• Smishing: Attempts to get you to click malicious links or share personal information by SMS or text messages.

• Vishing: Attempts to extract sensitive information by phone by pretending to be legitimate organizations.

Remember to verify the authenticity of emails, links and attachments before clicking on them. Also, remember IT will NEVER ask for your password.

Throughout the holidays, we’ll be posting tips on The HUB to keep you safe and secure. To access, go to The HUB, click Support Request and under IT Support (on the left), click Cybersecurity.

If you experience any suspicious activities, promptly report it to the IT Service Desk. By doing so, IT can take swift action to remove threats from our systems and prevent further damage. By staying vigilant, reporting suspicious activities, practicing safe online habits and being our “reindeers,” we can all help defend against cyberthreats and safeguard our precious patient data and systems during the holiday season and into the new year.