Featured Posts
Phishing around for online safety training? Look no further.
Running a business is tough enough as it is, don’t make it harder on yourself by not having an online safety plan in place. 78% of organisations say their security awareness training activities resulted in measurably lower phishing susceptibility—one of the most common cyber threats (90%) in 2021.
It is important for cyber and online safety training to be part of the business from the very beginning, ensuring compliance, knowledge and safety are front of mind for your team.
Whilst security should be a key focus during onboarding new hires, it's also imperative that existing staff undergo continuous training to create a strong security posture and reduce the potential security risks of the organisation.
According to the latest reports, 82% of organisations have increased their cyber security budget, making training and other resources essential for organisations to stay ahead of the competition and build a resilient cyber culture.
Take the first step toward online safety by contacting Phriendly Phishing's team for a free demo today!
Here are a few tips to help you get started on your online safety training:
Stay Cyber Safe: Password security is a tool
Did you know that one weak password can compromise an entire organisation, causing risks for multiple stakeholders and clients? It is important to use your organisation's security-approved tools to ensure you keep your organisation, yourself, and your family safe!
To create a smarter password, here is a list of dos and don’ts.
Don’t ignore: Application updates
We get that it can be distracting to accept software updates, so it’s much easier to hit the snooze or ignore button. Did you know that often these updates are often sent to protect you from data breaches, identity theft and cyber attacks? They also help your applications to run more smoothly.
Many employees tend to believe that application updates are optional or unnecessary and therefore it’s essential to educate them on the necessity—and the gravity—of running patches. These are the "What's In It For Me" mental shifts we educate staff about in our training with the aim of raising more awareness and changing their behaviour towards online safety hygiene.
Be aware: Unsecure Wi-Fi connections
Our ways of working has shifted to remote or hybrid working - which means that staff are not as secure with cybercriminals having easier access to the organisations network via home/remote connections.
This leads to the issue of public Wi-Fi… is it safe?
Did you know malware can easily transfer from one device to the next when connected to the same network?
If employees must connect to public Wi-Fi, educate them on the necessity of using a Virtual Private Network (VPN) and secure their connection. A VPN encrypts data and ensures your network activity remains safe and secure even when connected to a public network
Stay vigilant: Social engineering attacks
Social engineering is one of the biggest risks to online safety with the latest reports revealing that 43% of data breaches are the result of internal threats—intentional and unintentional. As a result, cyber security awareness, prevention, and security best practices need to be a part of an organisation's culture to successfully prevent and face cyber attacks. (ref)
Social engineering often psychologically manipulates users—by creating a sense of urgency and curiosity—users into giving away sensitive information.
It’s important that all employees are aware of these attacks and the various forms they take so these can be countered at all times.
A variety of practices can be taught to employees to ensure they combat social engineering and put their online safety first, including:
- Not opening emails from untrusted sources
- Look for suspicious offers
- Device security (locking the devices whenever they are away from the workstation)
- Ensure their antivirus/malware software is up-to-date
In our Keep Secure Training Series, Learners will explore the different types of social engineering attacks and how their identify can be profiled and used against them by an attacker.
Report suspicious activity
Ensue you report any suspicious activity, loss or theft to your Security team immediately! If it ends up being a safe email then at least you have done your due diligence, if it isn’t safe, this is a great way for everyone to learn from the same situation and avoid it in future.
We hope these Phriendly Tips help you and your organisation stay cyber-safe!
Contact the team for a Free DEMO today and receive a cyber awareness month tool kit for your team.