top of page

When Employees Are Away, Cybercriminals Play. Securing Your Network During the Holidays

Published: December 23, 2023 on our newsletter Security Fraud News & Alerts Newsletter.

The holiday season can be a time of cheer, but also a time of utter chaos and distraction. That’s when those Grinchy cybercriminals step up their naughty tricks. While many of us go about our holiday business, maybe take more vacation time, and overall just try to be full of glee, they get to work taking advantage of all of that and more. In fact, according to studies, cybercrime skyrockets around this time of year.

The cybersecurity software company, Cequence found that last year, there was an increase of 550% in unique methods used by threat actors. They could be lazy and just reuse tactics, but they don’t! Because of this, as well as the normal cybersecurity threats that pester us year-round, it’s a good time to review your cybersecurity strategy for the holiday period when perhaps people are on vacation more or just in the office less.

Tip 1: Have a separate holiday plan. With fewer people around, review your plan to make sure those with a task in it are going to be available in case you need to activate it. Check holiday vacation schedules, make revisions, and do a run-through with the whole, possibly new team for the duration.

Tip 2: Backup, backup, backup. This cannot be stressed enough and should be ongoing all year. Make sure all of your important data and systems are backed up and that current copies are working. Keep backups out of internet reach.

Tip 3: Automate and centralize your patching and updating processes. If you’re used to going desk to desk to update systems, consider making a centralized and automated process to do this so nothing is missed. Don’t forget those work-from-home employees.

Tip 4: Check your virtual desktops and access permissions. More people may be working out of the office during this time. Ensure their permissions are limited to what they need and most definitely install VPNs for anyone not working physically in the office.

Tip 5: Provide cybersecurity awareness training. As is the norm these days, phishing runs even more rampant this time of year. Consider an awareness training session before everyone takes off for the holidays. Remind them of malvertising scams, charity scams, flash sale scams, etc. Not clicking is the key.

Taking a bit of time now to review your cybersecurity and preparing for what may come down the chimney this time of year can save you headaches when you’re sliding into next year.

Want to schedule a conversation? Please email us at

bottom of page