6 tips for people-centric cybersecurity training

Posted by Tilt Recruitment on December 7th, 2020

6 tips for people-centric cybersecurity training

Posted by Tilt Recruitment on December 7, 2020

Your people want to trust you. Which is great – until they trust a  communication that’s not really from you and lay your whole business open to a cyberattack.

Here are 6 tips to make sure that doesn’t happen.

  1. Make it fun

Create trainings people actually want to take part in. Make videos people want to watch. Include stories and humour. Getting people really engaged might cost more, but it’ll save you money when the cybercriminals attack.

  1. Make it easy

Your people are the customers here. Make it frictionless so that they’ll buy in. Could you explain it to your grandma in half an hour? If not, it needs to be more user-friendly. That means no asking people to create and remember long strings of gobbledygook as passwords. Check out Azure Active Directory’s passwordless identification options instead. And to spot your vulnerable users before the criminals do, you can use Plan 2 on Microsoft Defender for Office 365 to run a realistic attack simulator.

  1. Focus on phishing

Phishing is your biggest risk. It’s responsible for nearly a third of security breaches, and the average phishing attack costs the organisation upwards of a million pounds. Even with security training, workers still click 20-30% of phishing links – and the rise of home working has led to new ploys like consent phishing. Focusing your resources on the real risk will drive positive engagement.

  1. Be honest about breaches

No company is invulnerable to cyberattacks. When you keep your people in the loop about them, they’ll realise they’re the first line of defence and be more vigilant in future. Just don’t give them so much detail that they can all work out exactly who clicked the dodgy link.

  1. Go beyond compliance

This has to be more than a box-checking exercise. Go beyond the annual training – for example, run refresher courses after breaches.

  1. Communicate continuously

Include security news in your regular staff communications. Tell your people about the big hacks that make the news and about the smaller scams and identity-theft issues we all face. Tell them about security in your supply chain, shadow IT and the risks of using an unauthorised device. Demystify the scary subject of cybercrime and make your people feel empowered to keep themselves and the organisation safe.

Latest blog posts

Blog Title Harnessing Data Analytics in Talent Acquisition: The Future of HR Tech

Posted on

Data is the new oil, and this is never more prevalent than in HR talent acquisition for the tech industry. When implemented well, the insights and information that can be gleaned from good data analysis shape hiring decisions for the better, but the good things don’t stop there. With this in mind, let’s explore how […]

Read more

The Role of Artificial Intelligence in Streamlining IT Talent Acquisition

Posted on

In November 2020, Chat GPT launched to the public. For many, it was their first experience of using artificial intelligence (AI). The generative AI provided a glimpse into the power of the technology as it completed tasks in seconds, which would take your average human a good thirty minutes to do. Since then, the technology […]

Read more

Blog Title Digital Nomads Changing the Landscape of Remote Tech Talent

Posted on

There can be no question that the worldwide lockdowns changed the landscape of how we work. Whereas prior to 2020 we were sitting in offices, often in cubicles, ploughing into our daily tasks, now many in the tech sector, especially, are sitting in their kitchens working remotely and effectively. Once You See Remote Work You […]

Read more

Get in touch and we’ll call you right back!





    Before getting in touch with us, please ensure you take a look at our privacy notice so you understand what data we collect from you, why we collect it and what we do with it.

    Fields marked with * are mandatory