Can your users spot a phish?
When you have a new starter in your organisation you give them the latest hardware and other fancy gadgets. You teach them how to use your business system, how to book holiday, how to claim for expenses but do you train them on what to look out for on a phishing email?
You want them to hit the ground running contributing to the business increasing the bottom line of the company and you want that return on investment as quickly as possible so why bother having them trained in something they should already know or something that doesn't contribute to the bottom line?
The reason to train your users in how to recognise a phishing email or to at least raise concerns with the IT Department protects your bottom line, one wrong click and you could be paying the price for training your users!
Many security reports from trusted sources are telling us that threats to businesses are growing and are going to continue growing year on year. There has been an increase in phishing, spear phishing and whaling attacks and whilst the majority will be picked up by email and spam filtering it only takes one to get through to cause devastation to your company then you are down to relying on your tape backups for recovery, remember those tape backups that you have been meaning to test but haven't gotten around to it yet...
Am I scaring you? I hope not, but these are unfortunately the facts of life as we know it in the cyber world and it is only going to get worse. If you get a Ransomware attack from a phishing email less than 50% of companies who pay get their data back and also open themselves up to further attacks as they are willing to pay. Anyone wanting to start a phishing campaign doesn't have to be very technical nowadays as they can buy a campaign for $200 or so on the Dark Web. 91% of data breaches start from a spear phishing attack and you can do something to make sure it doesn't impact you.
You will have heard about the need to create a multi-layered approach to Data and Cyber Security, in fact I am always trying to preach that! That layering system is not just about having firewalls, Anti-Virus and all the other bits, it's also about training your users and letting them know how to deal with a suspicious email.
The criminals see your users as low-hanging fruit. Give your users the tools to fight back by training them in what red flags to keep an eye out for, keep their training up to date as cyber criminals are finding new ways to try and get at you everyday. This way you are turning that low-hanging fruit into a Human Firewall!
Shameless Plug Warning!
Be safe out there!
#thinkb4uclick #mssp #managedsecurityservices