If it isn’t already, training your staff on Cyber Security should be on your to-do list. Staff are regularly trained on things like health and safety, and regular fire drills are run to ensure that staff know what to do in the worst-case scenario of a fire breaking out in the building. Some companies even run disaster recovery exercises so that staff know what to do should some sort of unexpected event happen to the workplace.
IT departments implement many technical measures to try to keep networks safe, but ultimately it is the users who are the last line of defence in any network. Users are the ones who can spot a suspicious email, website or text, or notice when something does not seem right, but only if they have been given proper training and advice on what to do. We don’t need employees to be experts in Cyber Security, but we can teach them the fundamentals in order to prevent potential attempts to disrupt your systems.
Think of it as first aid training: when someone comes out of a First Aid course, they do not have the same knowledge as doctors or nurses but could still have the skills and knowledge to help save someone’s life in an emergency. Cyber Security training can be thought of in the same way, providing staff with the knowledge and skills to prevent a Cyber Attack from starting or getting worse.
So, what should be included in this training? Well, as we have already mentioned, the basics should be covered first. This includes advice on phishing emails - how to spot them and what to do if employees are suspicious of an email. Phishing emails can be very convincing, so it is important to alert staff to current trends in this type of attack and how to report any suspicious emails.
Furthermore, it is important to educate your team members about website safety - both at home and at work, people visit many websites daily. If businesses can educate staff on how to browse the internet safely and how to spot incorrect web addresses, many attacks could be avoided.
Finally, but just as importantly, it is imperative to educate and train staff on password creation and use. Employees need to know not only the importance of strong, long passwords but also how to create them. In addition to good passwords, educating staff on the benefits of things like Two-Factor Authentication and Password Managers will help to increase the take-up of these services and secure more accounts.
If you would like your organisation to have an Awareness Training Session with Curious Frank, please contact us.
Gerry Grant, Chief Ethical Hacker
For more advice, please email firstname.lastname@example.org or message us on our website.