Less Than Half Of Employees Get Regular Cyber Security Training

Uploaded on 2019-10-23 in JOBS-Training, FREE TO VIEW, TECHNOLOGY--Resilience

As techniques to exploit vulnerabilities continue to evolve and become more sophisticated, businesses really need to bolster their security. According to a  survey conducted by GetApp 43% of employees do not get regular data security training while 8% have never received any training at all, highlighting the level of exposure businesses have towards cyber attacks such as ransomware. 

This comes as cyber security remains one of the most challenging issues for small business owners.

The Internet is continuing to connecting billions of people more by using mobile devices, electronic connections, storage capability, information accessibility and processing power and it will substantially increase the size of the interconnected the world. Now, cyber in the forms of the Internet and digital technologies are transforming the global economy and connecting people as never before. 

Small businesses suffer over 40% of cyber-attacks, opening them up to huge liabilities and this includes business closure. Of those attacked, 60% will go out of business within six months.

Web-based attacks, social engineering and general malware are often the top three culprits of cyberattacks among small businesses. 

Using Employee Vulnerabilities to Launch Attacks
Among the areas where employees are routinely targeted include social engineering, the art of manipulating someone into divulging secret information. Through phishing attacks, hackers use social media and research to strike up a relationship with employees. 

They then exploit this relationship to gain their trust with the goal of eventually stealing the information they need. For example, getting a password might allow them to infiltrate a company’s cyber-security architecture.
Very often unsuspecting employees are duped into providing scammers access to sensitive company data. Scammers typically investigate an individual or organisation before carrying out attacks such as spear phishing or business email compromise (BEC).  

Phishing is the practice of sending e-mails appearing to come from a well-known organisation asking recipients information such as credit card numbers, account numbers, or passwords. However, only 27 % of companies provide social engineering awareness training for their employees according to the survey. And almost 75% of businesses are vulnerable, thus endangering customers’ records, employee data, intellectual property and more. It goes without saying there is an urgent need for more robust cybersecurity.

A Need for a More Robust Cyber Security
Small businesses are as much of a cyber-attack target as large enterprises.  But investing in enterprise cyber-security alone is not going to cut it. small businesses need to invest in regular training for their employees in order to fully address this threat. This will help in adding yet another layer of protection for the company’s sensitive data. For this reason, it is important to assess the knowledge of your employees when it comes to cyber-security. This is because more often than not, employees are the soft targets that scammers use to access your organisation. With employees now connected to the Internet, around the clock, businesses are more vulnerable than ever to attacks.

Regular and up-to-date training can help arm employees with the necessary tools to prevent attacks. Not only that, but it will also heighten the security of the company. 

If employees are given the training knowledge of the characteristics of cyber attacks, then they are more likely to avoid the pitfalls. In addition to training, companies should also empower employees to use good judgement and have a security mindset. Also, you can ensure your company and the people who work for you are up to date by regularly carrying out audits.
The Importance of Audits You probably conduct a number of audits of your business to make sure you are on the right track. But in today’s digital ecosystem, it should also include the audit of your current cyber-security policies.

A strong audit goes a long way in assessing the vulnerability of your business to cyber-attacks. The audit can assess password policies, employees’ knowledge of phishing techniques, and adherence to security policies, to name but a few of the issues it can address.

Once the audit highlights the gaps, companies can bolster their security by providing tailored courses to address security issues. Moreover, training materials and learning management system software are available that are easy to use for small businesses. Going forward, simple investments and regular training often can make a huge difference in strengthening a company’s cyber-security.

Inform your Board and Chief Executive
This makes it important for Chief Information Officers, Chief Security Officers, and others with security responsibilities to clearly explain cybersecurity and digital research technologies in plain language that the Board, and stakeholders understand and if you need more help please contact Cyber Security Intelligence for free advice. 

For effective employee cyber training which is engaging, endorsed by leading experts and will improve cyber behaviour across your entire organisation please contact Cyber Security Intelligence

GetApp:         SmallBizTrends:        WildGoose

You Might Also Read: 

Its Your People Who Contribute To Data Theft:

Positive Cyber-Secure  Training:


 

« Small & Medium Businesses Are Under Increasing Risk Of Attack
E-Passports Can Be Remotely Hacked »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

PhishLine

PhishLine

PhishLine helps Information Security Professionals meet and overcome the increasing challenges associated with social engineering and phishing.

Lacework

Lacework

Lacework brings speed, scale, and automation to cloud security and allows security and DevOps teams to collaborate on keeping data and applications safe.

Platin Bilişim

Platin Bilişim

Platin Bilisim is an IT Security company providing consultancy, solutions and operational support services.

Arab Information & Communication Technologies Organization (AICTO)

Arab Information & Communication Technologies Organization (AICTO)

The Arab ICT Organization (AICTO) is an Arab governmental organization working under the aegis of the league of Arab States.

ESL Bangladesh

ESL Bangladesh

ESL is the Largest IT Infrastructure & Telecom Service Provider in Bangladesh.

SenseOn

SenseOn

SenseOn’s multiple threat-detection senses work together to detect malicious activity across an organisation’s entire digital estate, covering the gaps that single point solutions create.

Fastcomcorp

Fastcomcorp

Fastcomcorp offers a world-class proactive cyber security defense and risk management consulting. Including Darkweb monitoring and posture assessments.

Future Planet Capital

Future Planet Capital

Future Planet is the impact-led, global venture capital firm built to invest in high growth potential companies from the world's top research centres.

InfoSec Brigade

InfoSec Brigade

InfoSec Brigade offers a suite of specialized solutions that help businesses to mitigate risk by integrating cyber and IT security protocols with business goals.

HCS

HCS

HCS is an IT Company and Telecoms provider with an experienced team who are dedicated to ensuring our clients business systems are protected.

Socura

Socura

Socura helps make the digital world a safer place; changing the way organisations think about cyber security through a dynamic, innovative, and human approach.

Varutra Consulting

Varutra Consulting

Varutra Consulting is an Cyber Security Consulting, Solutions and Training services firm, providing specialized security services for software, mobile and network.

risk3sixty

risk3sixty

Risk3sixty are information and cyber risk management craftsmen helping build business-first security and compliance programs.

Rampart AI

Rampart AI

Tackling DevSecOps Issues In Application Security. Rampart has revolutionized the shift left security approach, applying zero-trust to application development.

Breathe Technology

Breathe Technology

Breathe Technology has been providing Managed IT Support/ Service Desk, Cloud Services, Cyber Security & Communications to businesses and schools since 2003.

PhishFort

PhishFort

PhishFort offers brand protection services to combat phishing, fake content, and IP infringements.