6 tips for people-centric cybersecurity training

Posted by Tilt Recruitment on December 7th, 2020

6 tips for people-centric cybersecurity training

Posted by Tilt Recruitment on December 7, 2020

Your people want to trust you. Which is great – until they trust a  communication that’s not really from you and lay your whole business open to a cyberattack.

Here are 6 tips to make sure that doesn’t happen.

  1. Make it fun

Create trainings people actually want to take part in. Make videos people want to watch. Include stories and humour. Getting people really engaged might cost more, but it’ll save you money when the cybercriminals attack.

  1. Make it easy

Your people are the customers here. Make it frictionless so that they’ll buy in. Could you explain it to your grandma in half an hour? If not, it needs to be more user-friendly. That means no asking people to create and remember long strings of gobbledygook as passwords. Check out Azure Active Directory’s passwordless identification options instead. And to spot your vulnerable users before the criminals do, you can use Plan 2 on Microsoft Defender for Office 365 to run a realistic attack simulator.

  1. Focus on phishing

Phishing is your biggest risk. It’s responsible for nearly a third of security breaches, and the average phishing attack costs the organisation upwards of a million pounds. Even with security training, workers still click 20-30% of phishing links – and the rise of home working has led to new ploys like consent phishing. Focusing your resources on the real risk will drive positive engagement.

  1. Be honest about breaches

No company is invulnerable to cyberattacks. When you keep your people in the loop about them, they’ll realise they’re the first line of defence and be more vigilant in future. Just don’t give them so much detail that they can all work out exactly who clicked the dodgy link.

  1. Go beyond compliance

This has to be more than a box-checking exercise. Go beyond the annual training – for example, run refresher courses after breaches.

  1. Communicate continuously

Include security news in your regular staff communications. Tell your people about the big hacks that make the news and about the smaller scams and identity-theft issues we all face. Tell them about security in your supply chain, shadow IT and the risks of using an unauthorised device. Demystify the scary subject of cybercrime and make your people feel empowered to keep themselves and the organisation safe.

Latest blog posts

The Transformative Impact of Cloud Computing on IT Job Roles

Posted on

Cloud computing has become a game-changer in the world of information technology, revolutionising the way businesses operate and transforming the roles of IT professionals. As organisations increasingly adopt cloud-based solutions, the demand for skilled professionals in this domain has skyrocketed. In this blog post, we’ll explore how the implementation of cloud computing is reshaping IT […]

Read more

Building a Strong Employer Brand in Tech

Posted on

In today’s hyper-competitive tech industry, having a robust employer brand is the key to attracting and retaining the best and brightest talent. Your employer brand is the reputation and image your company projects as an employer, and it can be the deciding factor in whether top tech professionals choose to work for you or your […]

Read more

In-Demand Tech Skills: What Employers Are Looking for in the Modern Era

Posted on

In today’s fast-paced digital world, technology is advancing at an unprecedented rate. From the rise of artificial intelligence and machine learning to the ubiquity of cloud computing and cybersecurity threats, the tech landscape is constantly evolving. As a result, employers are seeking professionals with a diverse range of skills to stay ahead of the curve […]

Read more

Get in touch and we’ll call you right back!

    Before getting in touch with us, please ensure you take a look at our privacy notice so you understand what data we collect from you, why we collect it and what we do with it.

    Fields marked with * are mandatory