Yet another report has identified careless or unaware employees as the biggest vulnerability within organisations (34%). The EY Global Information Security Survey 2018–19 questioned more than 1,400 C-suite leaders and information security and IT executives/managers from some of the world’s largest organisations.
Insider threats have attracted a lot of discussion recently, but they only reached number eight on the top ten list of biggest cyber threats, with just 5% naming it their biggest threat.
Unsurprisingly, the biggest cyber threat was named as phishing (22%) closely followed by malware (20%). Meanwhile, the most valuable information to cyber criminals was named as customer information (17%).
These findings pose the question: can you really afford not to train your employees?
One lapse of judgement or lapse in concentration from an unsuspecting user could compromise your systems.
With phishing emails becoming more complex and harder to detect, it only emphasises the importance of raising employee awareness. It’s critical to prioritise the areas where a lack of action leaves your organisation most exposed, and, in this case, that means addressing careless and unaware employees, and increasing phishing awareness.
Educate, educate, educate
Teach your employees about how phishing attacks work, the tactics that cyber criminals employ, and how to spot and avoid phishing campaigns with our Phishing Staff Awareness E-learning Course. The course can be taken around existing commitments, and is a cost-effective and efficient method of delivering training to multiple employees simultaneously.
If you’re looking to establish a security culture, then a bespoke solution may be appropriate. Bespoke solutions are tailored to the needs of your organisation and take a broad look at your requirements to address any existing difficulties and limitations.
Learn more about our bespoke solutions by reading our free guide: Bespoke Learning Solutions – A Five Step Approach.