Worryingly, you only need one to get through any physical or human layers of protection to cause a massive amount of harm, and cyber criminals know this.
Another area of concern is that some people are more likely to keep on opening phishing emails than others – even after training.
Some might argue that ‘training doesn’t therefore work’. But that’s not right.
Adapting to different learners’ needs
We believe it means that sometimes you have to adapt your approach to meet different leaners’ needs, and elearning can be really good at that.
Things like ‘little and often learning’ help. In other words small pieces of training which focus on different aspects of a topic. These can be far more effective than a one off ‘hit’. It’s like any form of practice, doing regular short periods of practice is more effective than one long session.
A lot of cyber crime protection is about getting into good habits
For example, using strong, unique passwords, checking links before you click on them, updating software and so on. We need to do these things at work, and we also need to do that at home. This is about an attitudinal change from – ‘it will never happen to me’, to ‘better safe than sorry’. We still lock the front door even though it might be unlikely that we’ll be burgled when we’re out.
Being vigilant and reporting
As with other forms of attack, we need to be ever more vigilant. In order to do that, we need to hone our skills in recognising what is suspicious, and adopt a more curious, more suspecting attitude and not take things at face value all the time.
A lot of companies have a no blame culture to encourage people to report it if they realise that they have clicked on something which might be suspicious or have visited a potentially malicious website. This can be really helpful as it informs the people in charge of security where the attack has come from and how to shore up any vulnerabilities.
Examples of videos that can be used to help colleagues
You can see all our videos on our showreel page, but if you’d like to pass on and share links with friends, family or colleagues, here are some of our YouTube versions.
Spotting phishing emails. It’s not the ones you spot that are the problem, it’s the ones you don’t.