
Security technology alone cannot solve all cyber security challenges, you need to consider your people and processes too, especially as cyber criminals know that if they send out enough phishing emails someone somewhere will mistakenly click on a link. That’s why cyber security awareness training is essential.
However, cyber criminals are levelling up, and over the past year there has been an upwards trend in more complex social engineering attacks, with cyber attackers using targeted sophisticated psychological manipulation to trick users into making security mistakes such as access to systems and sensitive information.
A perpetrator first investigates the intended victim to gather necessary background information, such as potential points of entry and weak security protocols.
They then move to gain the victim’s trust, quite often going to surprising lengths over a period of time to develop rapport, before initiating an attack.
They typically use real life events to build ‘common ground’ and to develop an emotional response. They also utilise a mix of communication channels over a period of time – emails, call centres, messaging and chat – to come across as legitimate, professional, and trustworthy.
Human error accounts for 90% of breaches
With human error accounting for over 90% of security breaches it’s critical that a robust ongoing effective cyber awareness training programme is put in place to protect your organisation from security breaches.
With cyber security training it’s not a case of delivering a course, ticking the compliance box, and then you are done.
Cyber criminals and their tactics constantly evolve, and so must your cyber awareness training. By delivering frequent and targeted training you can improve your organisation’s capability at identifying and responding to threats.
How confident are you that your current cyber security awareness training covers all the latest tactics employed by cyber criminals?
For example, does it include “thread-hijacking”? This latest hacking method is where an attacker, who is already lurking on someone’s email account, inserts themselves into an existing email conversation, becoming part of a legitimate email thread, and the victim is far more likely to open attachments, click on links or carry out some task the attacker asks them to do.
Clever right? Humans are far more vulnerable than technology. That’s why cybercriminals are targeting your staff.
Free cyber security awareness assessment
So how can you prepare those in your business and supply chain to be on the lookout for such attacks?
Here at Infosec Partners we work with you to create the strongest line of defence against cyber threats.
We are currently offering a free security awareness assessment of your organisation so that you can gain an understanding of how well your security awareness training programme measures up against the current threat landscape.
Alongside this we offer a free 10 day trial of our behaviour-driven security awareness training platform.
Our platform enables you to deliver frequent and targeted cyber security awareness training based on the specific behaviours of each individual employee, so you can continually improve the effectiveness of your human firewall.
We can help you to empower your staff to become your greatest security asset, contact the Infosec Partners team to sign up.