According to a Vanson Bourne survey of 500 chief information officers (CIOs) from organisations with more than 1,000 employees in the UK, US and Germany, 94% of CIOs have pushed for increased investment in educating staff after recent headlines about phishing and ransomware. With phishing and ransomware attacks increasing in both volume and sophistication, this is a wise move.
99% of CIOs see employees as the last line of defence against hackers. The research also found that organisations spend 276 hours a year arranging and delivering in-house training.
Simon Crosby, CTO for Bromium, said:
“The fact is, most employees are focused on getting their jobs done, and any training will go out the window if a deadline is looming.”
This is understandable, especially since training will disrupt an employee’s day and take them away from their desk, causing work to mount up. E-learning is often a preferred substitute as its flexibility allows staff to learn at their own pace and fit it around their workloads. Employee training is vital and it needs to be ongoing to be successful.
What can you do?
Our Simulated Phishing Attack will establish how vulnerable your organisation is to the threat of phishing. The service provides an independent assessment of employee susceptibility, and benchmarks your security awareness campaigns. It can help you to:
- Satisfy compliance and regulatory requirements;
- Adapt future testing to areas and employees at greatest risk; and
- Reduce the number of employee clicks on malicious emails.
After conducting this test, we advise enrolling your staff on our Phishing Staff Awareness Course. The course will reduce the likelihood of your employees falling victim to scams by helping them understand how phishing works, the consequences of a successful attack and how to identify and respond to malicious messages.