Your business critical systems, applications, and data are under a constant state of threat. In fact, a recent Cybersecurity Ventures report finds that a ransomware attack occurs every 40 seconds—and by the end of 2019 an attack is projected to occur every 14 seconds. It’s clear that you need a vigilant army of end users acting as an impenetrable wall. Unfortunately, they more than likely form a Swiss cheese-like fortress.
That’s a problem.
“Poor digital hygiene is a fundamental problem thwarting organizations across the globe. It’s an issue cyber criminals will continue to exploit until the world builds more cyber resilience,” notes Insurance Business magazine.
Certainly, our Ransomware Watch consortium partner, KnowBe4, beats the cyber security training drum loud and often. And, with good cause. After all, spear phishing is responsible for ninety-one percent of all hacks today.
Simply put: Your employees are making you vulnerable, cyber criminals know that, and they’re taking advantage of it.
So, what do you do?
Train your employees, of course. Granted, it’s not a perfect solution—cyber security training will not prevent all malware from breaching your systems. That said, it’s an important component of your larger cyber security strategy.
Here’s what you should be thinking about…
Arm your leadership with cyber security training early
Your organization’s leadership are sporting bright, shiny targets on their backs. Why? Consider the following factors:
- More access: Leadership generally possesses the “keys to the kingdom”—meaning they have access to more files and databases than the average employee
- Fraud: They have the authority to make purchasing decisions, sometimes leveraging a process as simple as an email authorization
- Contact info: Their email addresses and phone numbers, often included in business documentation, are often easily found with a quick Google search
Given the very busy schedules most executives tend to keep, cyber security training sometimes needs to be broken up into a series of short modules or provided on-demand. That’s okay. The easier you make the process, the more likely they are to commit to the training.
What’s more, if they’re on board, they can lead by example—demonstrating the importance of digital hygiene for the rest of the organization.
Keep employees sharp with monthly interactive cyber security trainings
Those large group cyber security seminars? Ditch ‘em.
Instead, distribute general information about cyber security via email, online resources, and interactive training modules. Then, invest in training exercises, like phishing testing, to assess your risk and target employees who might need a little extra support.
When it comes to cyber security training, we recommend your trainings are:
- Frequent: Most companies should hold monthly trainings to keep up with the pace of malware innovations and evolving cyber attack methodologies
- Mandatory: Hacks affect all employees equally, so everyone should participate in cyber security trainings
- Interactive: Work with a trusted cyber security company, like our Ransomware Watch consortium partners, and run simulated campaigns to evaluate your protection systems and test users’ ability to identify scams
- Personal: Convey that poor digital hygiene at home could not only threaten their personal data, but spread an infection to the business via personal mobile devices
The payback of proper cyber security training is huge
Cyber security awareness training does not have to be difficult or time-intensive to be effective. And, done well, the payback is huge.
And, with ransomware attacks targeting business users up 26% this year, it’s something we all need to take seriously.
Ransomware attackers are the schoolyard bullies of cyberspace, and they’re unrelenting in their hunt for your “milk money.” Get caught unprepared, and you’ll be forced to choose between rewarding the cyber extortionist with bitcoins—or weathering the financial burden that naturally results from data loss and downtime. Well, we think that stinks. To that end, we’ve…
Cybercriminals are fueling near continuous news coverage of governments, universities, healthcare systems, and businesses brought to a screeching halt by ransomware. Caught unprepared, these organizations are then forced into an uncomfortable cost-benefit analysis: Cough up the ransomware payment or endure the damaging impacts of downtime and data loss. It’s not always an easy choice. But…
The art of the scam is nothing new. While ransomware attacks now fuel a continuous stream of breaking news, we only have to think back to the many distraught Nigerian princes—all who suffered the loss of their uncles and were desperate to find safe places to stash their unexpected inheritances—to remember how long these “spray…
If the ransomware threat wasn’t already keeping you up at night, surely the attack on Atlanta has left you questioning the strength of your cyber defenses and disaster recovery. Now, it should be abundantly clear to all who work in local government that you are under attack. And, it’s up to you to ensure critical…