Training staff to become your first line of defence rather than the first line of weakness is essential. There are lots of scary stats and it is very hard to trust any, the only common factor when looking is most breaches start with human error and more commonly now phishing attacks.
Ensuring the right type of training is utilised is more difficult than ever. Knowing where to begin and understanding your overall requirements can be very complex. Having worked on projects ranging from global security awareness training, to helping a small charity adequately train staff we now understand how to guide you.
This is where you train your staff to know what to look for, it can be: phishing, SMShing, Vishing or how to correctly challenge someone looking shifty onsite. Having confidence your staff know how to stay safe online both at work and at home, and if they see or do anything know how to report it cannot be undervalued.
This can take the form of a phishing simulation, smshing attack, vishing calls or a full onsite breach. With options for of a full managed service or to run it internally if you have the resources. It will give value feedback and check what you are doing is working.
Are you sure your technical staff would know what to do if a breach has been detected? Do they know how to preserve potential forensic evidence properly without causing more damage? Very few organisations undertake this, but those that have come out with a better understanding of how to contain and respond to an attack or breach.