Security / Compliance
National Cyber Security Month 2019 Week 3 - Human error poses one of the biggest risks to organizations

Human error poses one of the biggest risks to organizations
An organization may have a talented group of professionals but the dirty little secret in cyber security is, that no matter how skilled employees are, they still represent the biggest risk. Research shows that human error ranks higher than software flaws and vulnerabilities for cyber risk. So high, in fact, that it’s a contributing factor in more than 90% of breaches, according to a 2018 Ponemon study sponsored by IBM.
Email phishing contains the hook
In a phishing simulation with a 6,500 employee software company that does not provide cyber awareness training, more than 500 employees clicked on a phishing email link, in under a second of the email being opened.
Awareness training contains the antidote
In companies that provide security awareness training for their employees, training results show that employee knowledge on security topics increase by 400% or more. These results demonstrate the need for training enforcement, that is delivered persistently over time, and that concentrates heavily on helping employees detect and avoid email-borne attacks.
It's all about awareness training
Awareness training should be considered mission critical and taken as seriously as any other security component. Many organizations are doing some kind of training, but the detail of how they're doing the training, is vastly important. Some types of training work, and some don’t. Educating employees on email security cannot be achieved through a single training session or non-interactive materials like corporate videos or mass produced pamphlets. Training should be interactive, include post-training testing, and have included supplemental materials for common areas and individual desks. In addition, this type of training needs to be conducted quarterly to stay top of mind.
Related Articles

Security / Compliance
Common Cyber Security Mistakes To Avoid
Avoiding these simple mistakes can go a long way to ensuring security for you and your customer.By / Advisors / February 7, 2020

Security / Compliance
National Cyber Security Month 2019 Week 4 - The most effective security beyond the firewall
Firewalls must be in place or networks would be taken over in seconds. Beyond the firewall, employee awareness training is the single most effective way to secure an organization.By / Advisors / October 17, 2019

Security / Compliance
National Cyber Security Month 2019 week 2 - Building Cyber Resilience
Cyber resilience can mean many things to different organizations, but generally it’s about strategically implementing preventive measures to ensure full preparation for whatever security risks come your way.By / Advisors / October 3, 2019