A company of 50 employees may seem “too small” to be targeted for a cyber attack but in the eyes of a cyber criminal, 50 employees are 50 possible attack vectors to exploit. Inbound spam filtering and outbound web filtering may be helpful. It is recommended to provide periodic cyber awareness training and enforce security policies. But all it takes is one of those 50 employees, one time, to get caught off guard and fall victim to a phishing email.
Preventing phishing attacks is close to impossible. A better strategy is to minimize your risk of an employee engaging with a phishing email and limit the damage any successful phishing attack can cause. If a phishing attack is executed, you should immediately isolate the compromised PC from the rest of the network. Never forward the email, not even to your IT department. The best way to defend against attacks is to share with your workforce how your internal defenses work. Openly discuss security measures, enforce all policies, conduct periodic incident response drills, talk through the results, and adjust the methods where necessary.
How Can we Fight Back Against Phishing?
Cyber criminals try take advantage of human error. The best way to try to defend against cyber criminals is to think like one. This can be accomplished with regular awareness training. Your employees should be aware of new and evolving scams and be trained on what to do once they identify a scam.
Cyber awareness training for employees across the entire organization is really important in any industry. In fact, it is a requirement for employers to provide all employees with cyber awareness training for data security laws, such as the General Data Protection Regulation (GDPR) and the New York SHIELD Act.
On the Eleventh Day of Cybersecurity, Kyber gave to me…
A one complimentary phishing test. While we do recommend regular awareness training (more than once a year), this test will give valuable insights into your workforce. You will be able to find out what percentage of your employees are prone to phishing attacks with this phishing security test. You will also be able to see how you stack up against your industry peers.
IT pros have realized that simulated phishing tests are urgently needed as an additional security layer. Today, phishing your own users is just as important as having antivirus and a firewall. It is an effective cybersecurity best practice to patch your last (and best) line of defense: your end users.
Here’s how it works:
- The test is available for up to 100 users.
- Choose your phishing test template.
- Show users which red flags they missed, or a 404 page.
- Get a report with your results and charts to share with management.
- See how your organization compares to others in your industry.
Email us at firstname.lastname@example.org to schedule your complimentary phishing test.