Vendor Spotlight, KnowBe4: Security Awareness Training
What is the weakest link in a company’s IT security? IT companies would almost unanimously agree that people are the biggest threat to their information systems. Today, human error accounts for more than half of all security breaches. Why is this the case? According to KnowBe4, an Impact partner and security awareness training platform, 91% of all data breaches start with a spear phishing attack.
What is a spear phishing attack? Spear phishing is an email targeted at a specific individual or department within an organization that appears to be from a trusted sourced. In most cases, cybercriminals use spear phishing attacks to steal a company’s confidential information.
In 2017, ransomware attacks and CEO Fraud, a type of phishing attack, increased significantly with nearly $5.3 billion in damages lost. The increase in CEO Fraud has proven to be an incredibly successful and lucrative scam. The results of a successful CEO Fraud attack can be incredibly damaging for the company and the employees. As shown in the infographic below employees are the key to giving hackers access to a company’s data.
Today, every company needs to implement security awareness training to add an extra layer of protection for their business. Hackers are becoming increasingly more sophisticated, and social engineering and software vulnerabilities make it impossible for endpoint security to catch everything. While a company can never be fully protected, training will help to significantly reduce risks. Below are ways to manage the ongoing problem of social engineering:
- Baseline Testing: Test users through a simulated phishing attack to assess the phish-prone percentage of users.
- Train Your Users: Use on-demand, interactive training that includes common traps, live hacking demos and ongoing education with security hints and tips emails.
- Phish Your Users: Utilize fully-automated simulated phishing attacks for continued testing.
- See the Results: Implement enterprise-strength reporting with statistics and graphs for both training and phishing.
Impact’s Managed IT CompleteCare program includes KnowBe4’s security awareness training, or it can be purchased as a standalone cybersecurity solution. Training along with a proactive security plan will help to reduce the risk of cyber threats. Coupled with other security components of the CompleteCare program, security awareness training will propel your organization towards enhanced security. Get in touch to learn more about Impact’s Managed IT program.
Or, download our eBook, What Makes a Good Cybersecurity Defense for a Modern SMB?