We have said it in countless blogs, lunch and learns, and meetings with our clients – you are only as secure as your users. All it takes is a single click on a bad link and your data, customer data, and business are all at serious risk. At a recent conference, we learned about a security awareness training tool that we believe many could benefit from.
A little background…
What is Phishing?
There are many ways cyber criminals, or hackers, try to obtain your sensitive information. Phishing is just one of those ways, where a criminal is imitating someone or a company you trust to gather your username and password, credit card information, or other identifiable information (bank account, social security number, etc.). There are many different types of phishing scams.
The most common are in the form of email spam or spear phishing. Spam email is the most common form of phishing. It takes very little time for a criminal to craft an email to send out to millions of users. The hope is that even if a few click on the email, the criminal will obtain some information and eventually some form of monetary benefit.
In “spear phishing,” the criminal targets a specific person or organization. It may be based on their status, a CEO, or industry, like a wealth management firm. They spend time researching their processes and communication patterns to make a more personalized attack.
With KnowBe4, you can bring awareness to the severity of phishing scams and educate your employees to make smarter security decisions. This is how it works.
KnowBe4 has hundreds of email templates based on “Reported Phishes of the Week,” industry, seasonal, technology and more. By editing the information, you can make it more or less conspicuous. At first, you may want to send out a more obvious phishing email. This will show you who in your company needs training.
Offer Security Awareness Training
After falling victim once to this phishing test, your users will understand and accept that training is necessary. KnowBe4 offers the world’s largest library of security awareness training content. This includes interactive training modules, videos, games, posters and newsletters.
Phishing Your Users
This sounds conniving, but it’s a really great way to see how well they have digested their training resources. There are hundreds of templates already created, as well as templates uploaded by other community members. These can be scheduled automagically to appear less obvious – such as over the weekend, or after hours.
Detailed reports include clicks, replies, attachment opens, and how many reported the email.By tracking the results of how your users react to the test emails, you can encourage more or less training. Also, track who in your organization has attended training.
Interested in learning more?
Reach out to us and let us know. We’d be happy to give you a brief demo of KnowBe4 and see if it would be a good fit for your company.
HOWARD TECH ADVISORS: YOUR PARTNER IN TECH
At Howard Tech Advisors, we manage your IT infrastructure so that you don’t have to. Whether you need assistance creating a disaster recovery plan or you’d like to outsource your IT needs, we can help! Keep up with our weekly blog to stay up-to-date on the latest tech trends, security information you need to know to stay safe online, and tips and tricks to effectively navigating an increasingly mobile world.