NEED TO KNOW NEWSLETTER JUNE 2025

Cybersecurity mindfulness

In today’s fast-paced digital work environment, we are constantly being distracted. Inboxes are flooded with emails;
messages pop up and notifications ping. Our attention is demanded everywhere, all the time.

Despite these distractions, cybersecurity mindfulness is possible. Cybersecurity mindfulness is a proactive
approach that helps employees stay vigilant and aware of cybersecurity threats and reduce human error that
could lead to a security incident.

Understanding cybersecurity mindfulness

Cybersecurity mindfulness means staying alert and intentional during digital interactions, like reading emails, clicking links, or sharing sensitive information. Almost 75% of breaches involve human error,¹ not advanced attacks.

Mistakes, such as accidentally clicking on a phishing link, sending sensitive data to the wrong person, or using a default or weak password, can seriously impact organizations or data.

Ways we can practice cyber-mindfulness:

1. Slow down.
2. Assess risks before acting.
3. Make security-minded decisions.

This approach to cybersecurity strengthens your defense against cyber attacks.

Human error: The biggest cybersecurity risk

Is multitasking worth it?

In the rush to be efficient, we often multitask – responding to emails during meetings or messaging while working on other tasks. While it feels productive, constant task-switching reduces focus and increases the chance of errors. We may overlook who an email is from or where sensitive data is being sent.  We think this is more productive, but it can hinder us and our organization. 

To reduce your risk:

1. Pause and verify senders and links.
2. Give critical tasks your full attention. Avoid multitasking when handling sensitive information.
3. Slow down. A few extra seconds of focus can prevent a costly mistake.

Staying focused and intentional with digital tasks is one of the simplest, most effective ways to protect yourself and your organization from cyber threats.

Attacking our emotions

Cybercriminals don’t just rely on advanced technology – they exploit human emotions to trick people. Social engineering attacks trigger fear, urgency, curiosity, or trust, pushing you to act quickly without thinking. 

For example, a fake email may warn of a security threat or appear to come from a senior executive. The goal? To pressure you into clicking a malicious link or handing over sensitive information.

To protect yourself:

1. Pause and assess. Don't react immediately to alarming or urgent messaging.
2. Verify requests. Contact the person through a known, trusted method if something feels off.
3. Stay aware. Know that emotion manipulation is a common tactic - don't let it control your actions.

By staying calm and thoughtful, you can avoid falling into a trap and help keep your organization secure.

Mindful habits

By adopting mindful habits, employees can help combat cyberattacks. Implement these three easy but powerful actions today!

Pause before you click.

Hover over links to verify their destination before clicking or bypass the link altogether by going directly to the intended website. If an email seems urgent or unexpected, take a moment to assess whether it could be a phishing attempt.

Double-check recipients.

Before sending sensitive information, ensure that you are sharing it with the correct person. Email autocomplete features can easily lead to sending data to the wrong contact.

Treat sensitive information with care.

Think before sharing credentials, company data or personal details. Cybercriminals often use social engineering tactics to manipulate employees into providing sensitive information.