Think before you link is the typically snappy title of a CPNI campaign, writes Mark Rowe. The materials as we have come to expect from CPNI are excellent, striking just the right tone, and content, setting out a genuine security issue without resorting to fear, nor blinding people with science or big words, nor talking down to them.
As CPNI (the UK official Centre for the Protection of National Infrastructure) say: “No one is immune to being socially manipulated into wrong-doing through these approaches – malicious profiles are deliberately trying to exploit vulnerabilities that are inherent in all people. It could happen to you.” Knowing the warning signs and managing your digital footprint are the best defences, the authorities suggest.
– Do not advertise your security clearance publicly online, whether you work in government or academic or the private security and do work – such as in the defence supply chain – that may be of interest to ‘hostile actors’.
– Nor should you be revealing details of sensitive job roles or employers publicly or to unknown contacts. If someone tries to link with you and you have a contact in common, that does not mean the new profile is genuine, as it could be your common contact has not made proper checks that the person is who they say they are, or indeed is a person at all.
– Think about the lowest level of detail that you really need to include on your profile.
– Use website settings to manage the information you put out about yourself, and control who can view your profile.
– Only share CVs or details of specific projects with trusted and verified contacts.
If you’re approached with a job opportunity that seems too good to be true, it probably is, as CPNI point out. For ‘downloadable assets’, case studies and advice for managers and organisations, and posters to publicise the campaign, visit the CPNI website.
The website is also a place to go to for advice on cyber, personnel and physical security; and ideas about security leadership, security mindedness, and asset protection. CNI is defined widely, as 13 sectors: Chemicals, Civil Nuclear, Communications, Defence, Emergency Services, Energy, Finance, Food, Government, Health, Space, Transport and Water. Visit www.cpni.gov.uk.