With A-another Data Breach reported in 2020, can Cyber Awareness Training Help?
Throughout August, there did not seem to be a day where there wasn’t a data breach or cyber-attack mentioned in the news. At least, it felt that way and the figures speak for themselves.
Across the month, there were 99 data breaches, of course, many organisations prefer not to disclose such incidents, making that 99 the bare minimum.
The British Dental Association, Luminate Education Group & Meyerscough College were just a few UK organisations targeted using varying methods, ranging from ransomware to DoS methods.
Continuing to exploit organisations whatever the situation on going in the world, cybercriminals are demonstrating no mercy as they develop new, more sophisticated techniques of infiltrating networks.
What we can learn from these:
No doubt the unsolicited access by the offenders involved in the cyber-attacks mentioned above used varying threat vectors, such as malware, ransomware, or phishing. Unfortunately, there is not one method of attack with an equal prevention method.
A common and ever evolving method of attack however is social engineering. When adopting this approach, hackers take advantage of the most common, often most vulnerable element of an organisation – humans. This method leverages psychological manipulation to exploit people’s weaknesses with the aim of gathering information or valuables. Examples include phishing, spear phishing and whaling to name a few. Human Error is responsible for 88% of data breaches within the UK alone, apply that across the globe and we have an even more frightening statistic on our hands.
So, what can organisations to do help reduce human error and therefore risk ?
The simple answer – educate your people. Easier said than done though some may say – creating then delivering content and analysing performance and results can be time consuming in what is already a busy, non-stop department of any business. Not to mention the threats which are evolving almost daily, making it hard for training to be relevant – did that training your end users did a year ago involve phishing emails leveraging COVID–19? No, I am not sure either.
These truths cannot be swept under the carpet and forgotten about, threats will continue to evolve, and cybercriminals will develop new ways of exploiting human weakness.
How can businesses combat human error in a non-time consuming, effective way?
The Boxphish Cyber Awareness Training software is designed to improve the online security knowledge of end users and reduce their level of risk – this is achieved through email threat simulation and diverse training.
We deliver regular, bite sized and automated staff cyber training alongside bespoke phishing simulations to increase awareness and promote safe online behaviour. Varying our teaching technique with videos, infographics and quizzes allows our training to cater for multiple learning types and make it as effective and engaging as possible.
By continuously educating staff, cyber knowledge is able mature as threats do while we continue to see them become more sophisticated.
Take a look at our Resources page for more useful content: Resources