Cybercriminals don’t take vacations or days off because of the holiday. With winter holidays fast approaching, most people are thinking about how they will be enjoying time with their friends and families. However, holidays like Christmas and New Year’s tend to also bring greater cybersecurity risks to businesses. With many businesses closed during the holiday or running with a lower headcount.  Unsupervised IT networks and systems during the holidays provide a great opportunity for cybercriminals to attack. We have compiled our holiday cyber security tips and information about creating a security strategy for cyberattacks during the holidays.

Another point to consider is the number of employees that are working remotely and at times that can come with significant cybersecurity flaws. Cybercriminals can exploit these flaws to gain access to networks and devices, these vulnerabilities increase with less network supervision during the holidays.

While different attacks can be employed, many common tactics are:

  • social engineering
  • phishing
  • spear-phishing
  • malware
  • ransomware

Here are the holiday cyber security tips we have curated from our security partners such as Cisco and Barracuda Networks.

Conduct Security Awareness Training Programs For Staff

While it may appear to be a simple task, providing your employees with a refresher on the risks of phishing and other cyber threats is beneficial. Your staff are more vulnerable to phishing, social engineering, and even charity fraud as a result of the increased workload, especially over the holidays. Ransomware is a significant threat. Ransomware attacks are lucrative and very easy to carry out. Simple measures, such as not opening URLs in emails from unknown senders and keeping operating systems and applications up to date, can help to reduce risk.

An example of a Phishing email a team member received:

Phishing Example - Holiday Cyber security Tips

Due to the security awareness training, this staff member was able to identify that this email was a phishing attempt and was not coming from the EVP.

Strong Passwords

Strong passwords are critical for keeping your data safe and secure, but remembering complicated passwords may be challenging. One simple technique to create secure passwords that are easy to remember is to base them on memorable phrases. We’ve all learned a nursery rhyme, a poem, or a song, for example. Using the initial letter of each word from that may make a complicated password that is simple to remember, or using a phrase coupled with numbers is easier for users and secure enough to construct 14 nonrepeating, nonsequential characters that aren’t found in any dictionary.


I’m a little teapot, Short and stout, Here is my handle, Here is my spout


Use A Separate E-Mail Address

Most websites require you to register with your e-mail address. Providing your business e-mail address to each web service and application that asks for it, is a recipe for spam. Spam may be easily avoided by using a second e-mail account.

Make Sure Your Security Systems Are Up to Date

Employee training, firewall protection, anti-virus, anti-spam, and wireless security technologies should all be included in your company’s cybersecurity plan and up to date. If you operate in retail or another industry that employs point-of-sale systems, you should be aware that these systems are vulnerable to cyberattacks, which might expose consumer data and do significant harm to businesses. Because many consumers no longer carry cash, a POS network failure implies no card transactions, which might imply no purchases. It is critical to keep your security and backups up to date.

Have A Plan Ready and In Place

While having a strong incident response plan in place is critical throughout the year, updating it and making sure your employees are aware of it over the holidays will help keep you safe. Ascertain that your firewalls are up to date and that all of your data is secured. To minimize delays and increased risks, companies need to ensure that a solid contingency plan is in place and that responsibilities are recognized and communicated across all departments.

In Closing

Throughout the year, it’s vital to pay attention to cybersecurity. These cyber security tips and recommendations for the holidays will help you lessen the risk for your company, and an expert service provider can help you create and implement an intelligent cybersecurity plan. To discover more about the cybersecurity alternatives accessible to you, contact Evron.