Less Than Half Of Employees Get Regular Cyber Security Training

As techniques to exploit vulnerabilities continue to evolve and become more sophisticated, businesses really need to bolster their security. According to a  survey conducted by GetApp 43% of employees do not get regular data security training while 8% have never received any training at all, highlighting the level of exposure businesses have towards cyber attacks such as ransomware. 

This comes as cyber security remains one of the most challenging issues for small business owners.

The Internet is continuing to connecting billions of people more by using mobile devices, electronic connections, storage capability, information accessibility and processing power and it will substantially increase the size of the interconnected the world. Now, cyber in the forms of the Internet and digital technologies are transforming the global economy and connecting people as never before. 

Small businesses suffer over 40% of cyber-attacks, opening them up to huge liabilities and this includes business closure. Of those attacked, 60% will go out of business within six months.

Web-based attacks, social engineering and general malware are often the top three culprits of cyberattacks among small businesses. 

Using Employee Vulnerabilities to Launch Attacks
Among the areas where employees are routinely targeted include social engineering, the art of manipulating someone into divulging secret information. Through phishing attacks, hackers use social media and research to strike up a relationship with employees. 

They then exploit this relationship to gain their trust with the goal of eventually stealing the information they need. For example, getting a password might allow them to infiltrate a company’s cyber-security architecture.
Very often unsuspecting employees are duped into providing scammers access to sensitive company data. Scammers typically investigate an individual or organisation before carrying out attacks such as spear phishing or business email compromise (BEC).  

Phishing is the practice of sending e-mails appearing to come from a well-known organisation asking recipients information such as credit card numbers, account numbers, or passwords. However, only 27 % of companies provide social engineering awareness training for their employees according to the survey. And almost 75% of businesses are vulnerable, thus endangering customers’ records, employee data, intellectual property and more. It goes without saying there is an urgent need for more robust cybersecurity.

A Need for a More Robust Cyber Security
Small businesses are as much of a cyber-attack target as large enterprises.  But investing in enterprise cyber-security alone is not going to cut it. small businesses need to invest in regular training for their employees in order to fully address this threat. This will help in adding yet another layer of protection for the company’s sensitive data. For this reason, it is important to assess the knowledge of your employees when it comes to cyber-security. This is because more often than not, employees are the soft targets that scammers use to access your organisation. With employees now connected to the Internet, around the clock, businesses are more vulnerable than ever to attacks.

Regular and up-to-date training can help arm employees with the necessary tools to prevent attacks. Not only that, but it will also heighten the security of the company. 

If employees are given the training knowledge of the characteristics of cyber attacks, then they are more likely to avoid the pitfalls. In addition to training, companies should also empower employees to use good judgement and have a security mindset. Also, you can ensure your company and the people who work for you are up to date by regularly carrying out audits.
The Importance of Audits You probably conduct a number of audits of your business to make sure you are on the right track. But in today’s digital ecosystem, it should also include the audit of your current cyber-security policies.

A strong audit goes a long way in assessing the vulnerability of your business to cyber-attacks. The audit can assess password policies, employees’ knowledge of phishing techniques, and adherence to security policies, to name but a few of the issues it can address.

Once the audit highlights the gaps, companies can bolster their security by providing tailored courses to address security issues. Moreover, training materials and learning management system software are available that are easy to use for small businesses. Going forward, simple investments and regular training often can make a huge difference in strengthening a company’s cyber-security.

Inform your Board and Chief Executive
This makes it important for Chief Information Officers, Chief Security Officers, and others with security responsibilities to clearly explain cybersecurity and digital research technologies in plain language that the Board, and stakeholders understand and if you need more help please contact Cyber Security Intelligence for free advice. 

For effective employee cyber training which is engaging, endorsed by leading experts and will improve cyber behaviour across your entire organisation please contact Cyber Security Intelligence

GetApp:         SmallBizTrends:        WildGoose

You Might Also Read: 

Its Your People Who Contribute To Data Theft:

Positive Cyber-Secure  Training:


 

« Small & Medium Businesses Are Under Increasing Risk Of Attack
E-Passports Can Be Remotely Hacked »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Fuel Recruitment

Fuel Recruitment

Fuel Recruitment is a specialist recruitment company for the IT, Telecoms, Engineering, Consulting and Marketing industries.

D3 Security

D3 Security

D3's Smart SOAR platform is at the forefront of the security automation revolution, helping clients around the world to rapidly identify, analyze, and resolve advanced threats.

SQNetworks

SQNetworks

SQNetworks provides a full range of cybersecurity consultancy, services and solutions.

Awen Collective

Awen Collective

Awen Collective develops software-based tools for performing Digital Forensics, Incident Response and Cyber-Crime Investigation.

Cyberlitica

Cyberlitica

Cyberlitica (formerly iPhish) provides a Workforce Threat Intelligence application that significantly augments companies’ cyber threat prevention efforts.

Zivaro

Zivaro

Zivaro provides transformational consulting and technology services to help clients attain real business value from their technology investments.

NSEIT

NSEIT

NSEIT offers end-to-end Information Technology products, solutions and services including cybersecurity to organizations in the financial sector.

Carbonite

Carbonite

Carbonite offers all the tools necessary for protecting data from the most common forms of data loss, including ransomware, accidental deletions, hardware failures and natural disasters.

Startupbootcamp Fintech & Cybersecurity

Startupbootcamp Fintech & Cybersecurity

Startupbootcamp is the world’s largest network of multi-corporate backed accelerators helping startups scale internationally.

Brimondo

Brimondo

At Brimondo we help you to maximize and protect your brand value by being a proactive and strategic partner within brand protection with experts within intellectual property and digital assets.

Haven Group

Haven Group

Haven Group and its companies are a cyber security one-stop-shop for our clients offering a full range of cyber security services to our clients in a unified and united way.

StoneLock

StoneLock

StoneLock is a trusted leader in the design and manufacture of facial recognition software and technology.

Digitpol

Digitpol

Digitpol’s Cyber Crime Investigation experts investigate hacking incidents, ransomware, extortion and conduct security audits and IT upgrades.

Digital Edge

Digital Edge

Digital Edge provides unparalleled Managed Cloud Solutions, as well as superior Information Technology Support Services.

Castlepoint Systems

Castlepoint Systems

Castlepoint Systems is a pioneer in information governance, risk and compliance as a service. An all-in-one solution offering powerful risk management, built in compliance, cybersecurity and audit.

Cloudaeris

Cloudaeris

Cloudaeris is a trusted Microsoft Partner, and we've got what it takes to make your business more efficient and agile.