Let’s set the scene. An employee comes into work one morning and logs into their device. Going through their emails, they spot an unfamiliar address asking them to open a link and download some files that belong to the organisation. Although slightly wary, they believe it is legitimate and click on the link. Within several hours, their device becomes unresponsive, files have disappeared and sensitive data is no longer available. Sound familiar?
This is essentially a common form of Phishing, happening to organisations throughout the world on a minute by minute basis. We’ve all heard of this scenario and may think ‘That will never happen to my business, we have appropriate measures in place.’ It’s just the tip of the iceberg though. Attacks can come in many forms but more often than not, they are a lot more sophisticated and clever than we may give them credit for. Did you know that 46% of businesses have reported a cyber-attack?
Targeting members of staff through ‘Phishing’ emails is one of the most common forms of cyber-crime as it heavily relies on human error and not necessarily the protection software you may have in place. Cyber criminals can often do their fair share of homework, ensuring that their strategy to obtain your organisation’s data is well thought out and planned in order to maximise their chances of success. These include using appropriate language to appear legitimate and reliable, using known logos and graphics, even researching trusted members of staff! There isn’t necessarily an end to their efforts.
What’s the damage?
If an attack happens then it can leave an organisation exposed. Sensitive data may be lost, systems may be corrupted and more often than not, it can result in years of hard work potentially being lost. It’s important to ask yourself, what is this damage going to cost?
Recovering from a cyber-attack is not as simple as switching the computer on and off again. It can sometimes take years to fully recover. Amazing really, as it can potentially take less than a second to click on an unfamiliar link. Having the right protection in place goes beyond ensuring devices are protected, staff need the correct awareness and insight as well!
What is the benefit of training?
As we’ve said many times before, the internet is quickly evolving. This ultimately means that so are the attacks and the criminals who operate them. We may laugh at the occasional spam email but unfortunately it takes only one mistake to cause devastating consequences.
Ensuring that your staff are trained in all walks of cyber security can offer much needed peace of mind in your day to day practice. Phishing emails can enter mailboxes at any given time and it is up to the staff to respond correctly and not engage. Managing a team can be tough but giving them the right tools can set them on the right path.
We are currently offering the latest in cyber security training from Mimecast. This engaging training course contains fun and easy modules with a light hearted tone to tackle some of the most common cyber security topics. Get involved today and train staff up with the right knowledge.