March 2, 2023

As Christian Horizons’ reliance on technology continues to grow, so does the threat of cyber attacks. Cybersecurity breaches can have severe consequences, including the loss of sensitive information, reputational damage, and financial loss. Christian Horizons staff are targeted with phishing emails daily. We take cyber security seriously and as a result, all employees will be required to complete training on an annual basis. The Cyber Awareness program will be comprised of two components: Cyber Security Awareness Training and Simulated Phishing.

Cyber Security Awareness Training

Each month, beginning in March, a new bite-size cyber security awareness course will be released. These four courses will be mandatory for all Christian Horizons staff. These courses are 1.) Introduction to Cyber Security, 2.) Phishing, and 3.) Ransomware 4.) Passwords. Ongoing courses will be released in the Summer and Autumn months. These courses will be mandatory for all managers and office staff and optional for all direct support staff. The courses will be approximately 15 minutes in length and will be concluded with a test.

Simulated Phishing

To help protect Christian Horizons from phishing attacks, we will be conducting simulated phishing exercises. These exercises involve sending simulated phishing emails to all employees and monitoring their responses. The purpose of these exercises is to raise awareness of the dangers of phishing and to help employees recognize and respond to phishing attempts in a safe and effective manner.

Beginning in April, all Christian Horizons staff will receive simulated phishing emails to assess their awareness of online threats. Associated remediation learning will be provided. Completion of this remediation will be required by staff who do not recognize the phish. All staff are encouraged to complete the Cyber Security Awareness and Phishing courses as soon as they are released in order to prepare for the simulated phishing campaign.

Reporting Phishing Emails

Finally, with this increase in phishing emails, all staff can now report suspected phishing emails within both the web and client versions of Outlook. In the web version of Outlook, the “Report” button is located on the upper toolbar between “Archive” and “Sweep”. In the client version of Outlook, the “Report” button is located on the right side of the upper toolbar. When suspected phishing emails are reported in this manner, members of the IT Help Desk are informed and can take action to mitigate the threat.

If you have any questions or concerns, please do not hesitate to contact the IT Help Desk.