Less Than Half Of Employees Get Regular Cyber Security Training
As techniques to exploit vulnerabilities continue to evolve and become more sophisticated, businesses really need to bolster their security. According to a survey conducted by GetApp 43% of employees do not get regular data security training while 8% have never received any training at all, highlighting the level of exposure businesses have towards cyber attacks such as ransomware.
This comes as cyber security remains one of the most challenging issues for small business owners.
The Internet is continuing to connecting billions of people more by using mobile devices, electronic connections, storage capability, information accessibility and processing power and it will substantially increase the size of the interconnected the world. Now, cyber in the forms of the Internet and digital technologies are transforming the global economy and connecting people as never before.
Small businesses suffer over 40% of cyber-attacks, opening them up to huge liabilities and this includes business closure. Of those attacked, 60% will go out of business within six months.
Web-based attacks, social engineering and general malware are often the top three culprits of cyberattacks among small businesses.
Using Employee Vulnerabilities to Launch Attacks
Among the areas where employees are routinely targeted include social engineering, the art of manipulating someone into divulging secret information. Through phishing attacks, hackers use social media and research to strike up a relationship with employees.
They then exploit this relationship to gain their trust with the goal of eventually stealing the information they need. For example, getting a password might allow them to infiltrate a company’s cyber-security architecture.
Very often unsuspecting employees are duped into providing scammers access to sensitive company data. Scammers typically investigate an individual or organisation before carrying out attacks such as spear phishing or business email compromise (BEC).
Phishing is the practice of sending e-mails appearing to come from a well-known organisation asking recipients information such as credit card numbers, account numbers, or passwords. However, only 27 % of companies provide social engineering awareness training for their employees according to the survey. And almost 75% of businesses are vulnerable, thus endangering customers’ records, employee data, intellectual property and more. It goes without saying there is an urgent need for more robust cybersecurity.
A Need for a More Robust Cyber Security
Small businesses are as much of a cyber-attack target as large enterprises. But investing in enterprise cyber-security alone is not going to cut it. small businesses need to invest in regular training for their employees in order to fully address this threat. This will help in adding yet another layer of protection for the company’s sensitive data. For this reason, it is important to assess the knowledge of your employees when it comes to cyber-security. This is because more often than not, employees are the soft targets that scammers use to access your organisation. With employees now connected to the Internet, around the clock, businesses are more vulnerable than ever to attacks.
Regular and up-to-date training can help arm employees with the necessary tools to prevent attacks. Not only that, but it will also heighten the security of the company.
If employees are given the training knowledge of the characteristics of cyber attacks, then they are more likely to avoid the pitfalls. In addition to training, companies should also empower employees to use good judgement and have a security mindset. Also, you can ensure your company and the people who work for you are up to date by regularly carrying out audits.
The Importance of Audits You probably conduct a number of audits of your business to make sure you are on the right track. But in today’s digital ecosystem, it should also include the audit of your current cyber-security policies.
A strong audit goes a long way in assessing the vulnerability of your business to cyber-attacks. The audit can assess password policies, employees’ knowledge of phishing techniques, and adherence to security policies, to name but a few of the issues it can address.
Once the audit highlights the gaps, companies can bolster their security by providing tailored courses to address security issues. Moreover, training materials and learning management system software are available that are easy to use for small businesses. Going forward, simple investments and regular training often can make a huge difference in strengthening a company’s cyber-security.
Inform your Board and Chief Executive
This makes it important for Chief Information Officers, Chief Security Officers, and others with security responsibilities to clearly explain cybersecurity and digital research technologies in plain language that the Board, and stakeholders understand and if you need more help please contact Cyber Security Intelligence for free advice.
For effective employee cyber training which is engaging, endorsed by leading experts and will improve cyber behaviour across your entire organisation please contact Cyber Security Intelligence.
GetApp: SmallBizTrends: WildGoose:
You Might Also Read:
Its Your People Who Contribute To Data Theft:
Positive Cyber-Secure Training: