The Cybersecurity Lesson of the Vice President’s Mask

Ben Jackson

IPA COO

The Vice President’s visit to the Mayor Clinic last month caused a stir after pictures were posted of him not wearing a mask during the tour. 

Putting political punditry aside, the event offers a lesson for companies about cybersecurity, especially in the COVID19 era when so many people are working remotely. 

The Mayo Clinic has a policy that everyone on its campus needs to wear a mask. Making sure the Vice President was following that policy was the responsibility of the Mayo Clinic staff. 

So how did he end up not wearing one? Maybe no one felt comfortable telling the Vice President that he had to don a mask. Maybe someone thought it was someone else’s responsibility. Either way, the Mayo staff did not strictly enforce their own procedures and a bad situation resulted. 

What does this have to do with cyber and financial security?

​Much of the fraud that we see today comes from social engineering and business e-mail compromise. An account specialist gets an e-mail that looks like it is from a corporate vice president, or even the CEO, and then they end up transferring money to a fraudulent account. The employee gets an e-mail that they aren’t comfortable questioning, or they think it is someone else’s responsibility. 

What they should do when something seems suspicious is to stop and go back to the established protocols and procedures. When something seems funny or not quite right, it is time to call someone (ex: maybe a Compliance Officer) and doublecheck, especially in this time when you can’t just walk down the hall or catch someone in the break room. 
Brian Kreb’s recently did an article on this in regard to consumer-based fraud, but it is as important in business settings as well. You can find that article here: When in Doubt: Hang Up, Look Up, and Call Back.

​Following these steps when something seems wrong will save a lot of time and money. It might lead to a few awkward conversations, but policies and procedures are established for a reason, and everyone needs to follow them.