US companies will spend nearly $100 billion on cybersecurity this year according to analysts at the recent Gartner Security Summit. Despite this investment, many companies remain vulnerable to phishing and other types of cyberattacks. Without training, employees continue to be one of the easiest entrances into an organization’s network.
A recent survey reported on by eSecurity Planet found that over half of non-IT employees do not receive training on security awareness and preventing security breaches. Both large and small companies missed this critical component for building an effective cybersecurity program.
Scammers can be very effective when talking to or emailing employees within the company. Many employees post information about their jobs and companies on social media such as LinkedIn and Facebook, giving access to data points that can be used to build trust and give the impression of legitimacy.
Employee training and awareness campaigns can help secure the company’s data assets while also building skills and knowledge that employees can use to protect themselves and their families. After hardening network firewalls and other security measures, do not give criminals easy access to valuable information because employees are not aware of ongoing threats.