You’ve got the best security infrastructure possible; verification to the highest levels and real-time monitoring. But unless the users are not security-savvy it could all be a waste of time and money.
That’s where the proper training comes in. With staff clued-up on phishing or other online scams, errors due to ignorance are reduced, the system is more robust and practices are more compliant.
There are two levels in play here that lead to human error error-induced security breaches; the sophistication of the spam and phishing emails and the expectation that some requests will be followed simply based on internal hierarchy. “An admin in the finance team may get an email from the CFO asking for £10,000 to be transferred to a certain account. Of course, it’s not from then CFO, it’s someone masquerading. But the admin does not feel confident enough to challenge and check with such a senior finance officer. Security training aims to address that,” said Dominic Ryles, Business Development Manager IT Enterprise Commercial.
According to Kaspersky, 90% of data breaches are down to human error. Now, a programme from Kaspersky and offered by Exertis Hammer, is available that provides training tailored for individual users and takes them through various stages of complexity and conformity. Each stage generates simulated attacks (these are emails arriving in the inbox that pretend to be phishing or spams but in realty are harmless from Kaspersky) that test and monitor the user’s levels of security awareness.
Using artificial intelligence, the system monitors and reports on the user’s level of sophistication in identifying potential threats. The programme can be bought up front or on a monthly subscription to allow its costs to be treated as either either CaEx or OpEx. “The security awareness market is predicted to be worth $10 billion by 2027,” said Dominic Ryles.
Published Date: 07/02/2020
Back to News