We often hear a similar story when new companies call us desperately looking for a quick IT solution. “As soon as I clicked it, I realized I shouldn’t have. I know better.” This is typically something that a user says following a virus infection or a successful social engineering hack.
Preventing this situation is exactly why regular user security training is a critical component to a comprehensive network security plan. User security training is not just for some of your users. Contrary to popular belief, it’s imperative that all users participate…including ‘C’ suite executives!
Anyone holding authentication codes that allow access to your network must endure these regular reminders of the latest and most successful strategies hackers use to obtain access to your data. Their objective may be to encrypt your data and hold the electronic key as ransom. It may be to farm the data looking for information that they can monetize, including account numbers, social security numbers, birthdates, and more. Or, these hackers may just want to disrupt your business with a Denial Of Service (DoS) attack or embarrass your company by having to report a hack.
At NetCenergy, we’ve been providing quarterly user security training (along with ethical phishing attempts) for years. All too often, users balk at attending the sessions. You see, many believe they are fully aware and savvy regarding cybersecurity, and they will try anything to get out of sitting for 60 minutes in a training room. But once the “know it all’s” complete the training, they invariably learn something new. More importantly, it keeps them on their guard.
If your Managed Service Provider maintains a strict schedule of user security training, you should demand that all of your users attend, each time. Including you! If your service provider doesn’t offer trainings, it should raise a red flag. Are you really doing all you can to ensure that you don’t become another statistic? Ransomware is a very real, very expensive, and very disruptive business threat that continues to grow. If you aren’t sure if your current MSP is doing enough to train your users on security threats, or you just want to learn more, contact us. Preventing an attack is considerably cheaper than recovering from one.
Authored by Donald Nokes