Your business critical systems, applications, and data are under a constant state of threat. In fact, a recent Cybersecurity Ventures report finds that a ransomware attack occurs every 40 seconds—and by the end of 2019 an attack is projected to occur every 14 seconds. It’s clear that you need a vigilant army of end users acting as an impenetrable wall. Unfortunately, they more than likely form a Swiss cheese-like fortress.
That’s a problem.
“Poor digital hygiene is a fundamental problem thwarting organizations across the globe. It’s an issue cyber criminals will continue to exploit until the world builds more cyber resilience,” notes Insurance Business magazine.
Certainly, our Ransomware Watch consortium partner, KnowBe4, beats the cyber security training drum loud and often. And, with good cause. After all, spear phishing is responsible for ninety-one percent of all hacks today.
Simply put: Your employees are making you vulnerable, cyber criminals know that, and they’re taking advantage of it.
So, what do you do?
Train your employees, of course. Granted, it’s not a perfect solution—cyber security training will not prevent all malware from breaching your systems. That said, it’s an important component of your larger cyber security strategy.
Here’s what you should be thinking about…
Arm your leadership with cyber security training early
Your organization’s leadership are sporting bright, shiny targets on their backs. Why? Consider the following factors:
- More access: Leadership generally possesses the “keys to the kingdom”—meaning they have access to more files and databases than the average employee
- Fraud: They have the authority to make purchasing decisions, sometimes leveraging a process as simple as an email authorization
- Contact info: Their email addresses and phone numbers, often included in business documentation, are often easily found with a quick Google search
Given the very busy schedules most executives tend to keep, cyber security training sometimes needs to be broken up into a series of short modules or provided on-demand. That’s okay. The easier you make the process, the more likely they are to commit to the training.
What’s more, if they’re on board, they can lead by example—demonstrating the importance of digital hygiene for the rest of the organization.
Keep employees sharp with monthly interactive cyber security trainings
Those large group cyber security seminars? Ditch ‘em.
Instead, distribute general information about cyber security via email, online resources, and interactive training modules. Then, invest in training exercises, like phishing testing, to assess your risk and target employees who might need a little extra support.
When it comes to cyber security training, we recommend your trainings are:
- Frequent: Most companies should hold monthly trainings to keep up with the pace of malware innovations and evolving cyber attack methodologies
- Mandatory: Hacks affect all employees equally, so everyone should participate in cyber security trainings
- Interactive: Work with a trusted cyber security company, like our Ransomware Watch consortium partners, and run simulated campaigns to evaluate your protection systems and test users’ ability to identify scams
- Personal: Convey that poor digital hygiene at home could not only threaten their personal data, but spread an infection to the business via personal mobile devices
The payback of proper cyber security training is huge
Cyber security awareness training does not have to be difficult or time-intensive to be effective. And, done well, the payback is huge.
And, with ransomware attacks targeting business users up 26% this year, it’s something we all need to take seriously.
There it is—the ransomware lockscreen staring you down with its arrogant gaze, just begging you to cry, “Uncle!” So much for your pleasant morning cup of coffee. So, now what? What steps should you and your IT department take to mitigate the damage and restore your data? The answer is: It depends. Here are some…
It’s a never-ending battle: Hackers relentlessly look for a way into your digital house, you work overtime, boarding up the windows. Meanwhile, your employees stand in the threshold graciously offering their up their keys. We know employees are the primary cause of data breaches—and that login credentials are almost always employed at some phase of…
This month, a Grand Canyon-sized hole in WPA2 WiFi security protocol was discovered—and, it’s a vulnerability that has the potential to spell catastrophic consequences for organizations and their mobile workforces. So, what does the threat mean to you? And, more importantly, how can you use WiFi safely? Let’s dig in. KRACKS is a threat to…
“We’ve been compromised.” Those three little words are sure to keep you tossing and turning at night. Maybe an unauthorized user has accessed your data. Perhaps you’ve discovered an end user’s screen being recorded. Maybe your critical business applications have been encrypted by ransomware. It’s the stuff of nightmares. So, how do you return to…