Providing employees with awareness training is essential for modern business cybersecurity, according to cloud services firm Giacom.
“Businesses can no longer rely on technology alone to mitigate the risks that come from cyber threats, especially while many workforces work remotely through the pandemic,” wrote Daniel Warelow, product manager at Giacom and Charles Preston, CEO of security software business usecure. “Instead, they need to encourage their employees to work mindfully and responsibly on the frontlines of cyber defence.”
A 2014 study by IBM found that 95 per cent of cybersecurity breaches are due to human error. “These internal business risks, such as sending an email to the wrong person or with an incorrect attachment can be detrimental to a business – not only in terms of financial repercussions, but also its reputation,” said Warelow and Preston. “This is when cybersecurity training and tools that educate the user have never been more important, as employees need to be trained to be vigilant, cautious and suspicious.”
Security awareness training and simulated phishing resources can help mitigate end-user cyber risk and encourage secure user behaviour. Warelow and Preston say that these programs are designed to help users understand their role in combatting security breaches: “Using phishing simulations, as part of the wider security strategy, will help to provide realistic situations that often occur, particularly via email, that employees must be aware of.”
However, Warelow and Preston also warn that security awareness training should not be a one size fits all approach, but instead, that it should be tailored to each user’s vulnerabilities. With help from their technology partners, businesses can feel confident that they have the right education and tools in place to combat the risk of cyberattacks.