You Need Employee Training for Cyber Security

Cybersecurity risks without training

It’s easy to underestimate the amount of risk a typical employee takes on each business day. Especially now that many teams have gone hybrid or fully remote for the foreseeable future, we’re all interacting more than ever before with virtual interactions that are sometimes easy to fake! More than ever before we’re seeing even high-profile companies become the target of successful data breaches and cyber-attacks. In 2021 the Identity Theft Resource Center’s annual report showed that the number rose 68% to an all-time high of 1,862 known breaches.

For small businesses, the effects can be even harder to manage. Kaspersky Lab found that the average direct costs of a security breach on small businesses was $38,000, which doesn’t include costs to reputation or damage to your brand or intellectual property!

So, the short answer is yes, especially if you participate in remote work. Nowadays not having ANY employee training on cyber security is simply a bad idea. But if you don’t have anything in place, where do you even start? What are the things you should be making sure your employees are identifying? Let’s go over the basics.

Cyber Security: Email

Let’s set the scene: your coworker gets an email. It’s from their superior. They want to meet with the employee privately, so there’s a link to join the meeting at 2:00 today. “Huh, that’s weird, I don’t usually meet with this person” the coworker might think, but they click the link anyway and BOOM. This is called a phishing scam, and that’s an easy way that malware infections to spread.
How can you mitigate this risk? Your employees may need training to remind them not to trust emails that look like they’re coming from coworkers, superiors, or leads. Phishing attacks make up a reported 80% of all cyber-attacks, so this is a big one!
As a rule of thumb, your training needs to remind employees to…

Some ways to train employees to watch out for these scams are:

Cyber Security: Passwords

Here’s the scene: your newly remote employee has downloaded 5 new applications to their computer, and all these applications require passwords! The employee feels overwhelmed and is having to reset their passwords every time they need to use the new software. Frustrated, they decide that they’ll just make all their passwords the same, so they never forget. (But you see where this is going right?)
Password protection is a HUGE way that cyberattacks can occur! If the password isn’t strong, or even worse if an attacker can use the same password to access every area of your business, then you’re just asking for trouble.
Employees will need to be reminded…

Some ways training can help…

‘Drive By’ Download Attack

Here’s the scene: your coworker just got a notice from a website they don’t remember subscribing to. They scroll down to click the “unsubscribe” button at the bottom of the message. By clicking this button, they’ve inadvertently given consent to a download of unwanted or even malicious software, or even to take personal information or spy on the user.
This can also happen innocently by clicking on popup ads, opening email attachments, or visiting sketchy websites.
Employees need to know…

Some ways training can help…

Even with all the best laid plans, there’s still a risk that you may encounter a cyber-attack, so we encourage everyone reading to do your best to prevent it before it starts! Get these tips in motion asap for the best chance at protection.

Would you like a consistent cyber security training program in place at your company? Contact Digitec (now Apti) to find out more about our NetDefense Pro subscription.

Want to be notified about new posts?
Subscribe to our mailing list!