Patching the Humans

19th June 2018 Security

How to train your staff to spot Phishing emails

You’ve worked hard, and you have your IT security pretty well locked down: your network is protected by a half-decent firewall and you have up-to-date antivirus software on your PCs. Then, one of your staff clicks on a link that’s in a very convincing Phishing email and suddenly you’re dealing with a full-on Ransomware attack with everyone locked out of their systems…

An industry source recently stated that 91% of Ransomware attacks are started by someone opening a Phishing email. You can have lots of security on your computer network, but if you then invite the bad guys in by clicking on the wrong link, opening the wrong email or visiting the wrong website, then there’s not much that your security can do. It’s a bit like living in a fortress and then opening the gates when the enemy arrives because it doesn’t look like the enemy to you. The security is not at fault; the problem is the human element.

KnowBe4, which is widely known for its excellent training videos, has another ace up its sleeve: the ability for companies to run Phishing simulations. Think about the example that I mentioned earlier: if that member of staff had been trained to spot Phishing emails, then there’s a very good chance that the Ransomware attack would have been avoided.

With the KnowBe4 system, a business can run entire campaigns and easily see which members of staff are falling for the simulated Phishing emails. Obviously, those individuals then need more training, and your business will be safer as a result.

KnowBe4 provides lots of templated emails to choose from and setting up a campaign is quick and painless. For the more advanced amongst us, there is the option of making your own Phishing emails so that you can include such things as names of certain trusted people within your company and generally refer to things which your staff may not think that a cybercriminal could know. However, these criminals can be very clever and such emails do simulate real-world threats, just in a safe way.

Training by Phishing simulation is not expensive; training by experiencing a Ransomware attack is. Patch your humans before it’s too late.

