Are your employees the biggest threat to your organisation?

Written By: Jordan Hackford
Published On:

The weakest link in the chain of a resilient and secure IT system is your employees.

We’ll be looking closely at why this is and how you can ensure your staff are aware of today’s cyber threats.

Why your staff may be the weakest link?

This comes down to your staff’s risk score and awareness of cyber threats.

You can invest many thousands in implementing IT security systems in order to keep your business secure. However, no one system is 100% secure, and this leaves some risk.

The most common vulnerability at this present time is email phishing. A study in 2018 showed that 76% of organisations said they had experienced some sort of phishing attack.

Email phishing comes in many forms, and whilst some employees may be aware of what to look for, not all will.

Are you confident that all employees within your organisation are 100% aware of email threats?

Are your employees aware of the different forms of email phishing?

For more information on Email Phishing take a look at our article on ‘The 3 most common email phishing techniques’

How to fix it:

There are, of course, some simple steps to reduce your businesses risk score in this area.

The first step would be running regular cyber security awareness sessions with your employees (We recommend at least twice a month). In your sessions you can discuss either the most common email phishing techniques or the most recent ones.

The second step is running simulated email phishing attacks. There are off the shelf solutions that will test the awareness of the workforce by running simulated phishing attacks.

The beauty of a simulated attack is that you can find out the risk score for each individual employee.

This can then be followed up by the correct level of cyber awareness training.

Other types of simulated attack include USB key drops, where a USB thumb drive is intentionally left somewhere with sensitive-looking files within.

The simulated test is then run to record if the files are accessed.

Although most users are now aware of the risks that USB drives can pose, this is still an excellent simulation to run to spot weaknesses.

If you require further information surrounding Cyber Security Awareness get in touch with us!