- Employees to monitor their accounts for any unusual activity, such as unrecognized logins or changes in account settings
- Employees should recognize phishing attempts and social engineering tactics
- Any suspicious emails or communication should be reported and avoid sharing sensitive information through unsecured channels
- Employees should apply software updates and patches on devices outside of the organizations control
- All incidents or suspicious behaviour should be logged via Support for the Information Security Manager’s attention