They say a little knowledge is a dangerous thing. What if your password got into the wrong hands? How about if a journalist got wind of a data breach?
In business, knowledge gaps are a very real security risk. Nick Holden, MD of NexusProtect, recommends regular staff training on every facet of business security – even simple matters that we often overlook.
“Even something such as an employee’s simple mistake in clicking on an email link could lead to huge losses,” says Nick. Whether security threats are planned or accidental, businesses can save thousands of pounds by investing in staff education and culture.
Learning from Others’ Mistakes
One of the best-known accidental business security breaches was the Equifax breach in 2017, which leaked the data of 147 million users.
Nick says: “People can ‘open the back door’ easily. The Equifax breach happened through a weakness in a third party’s application, followed by a two-month delay from the Equifax team to deal with the issue. It’s a classic example of a failure by people to identify the risk and then deal with it!”
Equifax’s reputation continues to be damaged to this day. According to a recent study on Google search trends, the Equifax brand is the most searched-for term for those looking up data breaches.
Assessing your Staff
“Regular training and awareness are crucial to keeping your company safe,” says Nick.
As part of the NexusProtect 360° holistic package, the company provides training sessions, reviews and advice, from operational delivery to strategic direction.
“Up to nine in 10 data breaches are caused by human error. For this reason, staff should regularly undergo training to look at all areas of risk to a business.”
“We recently supported a global phishing exercise. We discovered that 74% of executives clicked on a phishing email.”
“Of this 74%, only 8% had completed security awareness training.”
How Crucial is Regular Training?
Cyber security is perhaps the most obvious argument for regular refresher courses. The scope of online threats is growing by the day, with the cost of cyber crime set to rise to £4.7 trillion by 2021.
It’s not just digital, however. Updates to EU directives such as GDPR or Strong Customer Authentication all require compliance training, which may sometimes go under the radar. “Large multinationals should have their house in order, but smaller businesses or schools don’t always have the resource to be compliant.”
“Our training ensures that businesses are up-to-date with their policies and processes, helping them to avoid business disruption and possible fines.”
“Whether it’s avoiding reputational damage, financial loss or both, your staff are your biggest investment,” concludes Nick. “By keeping them in the know, you can assure your customers that they are in safe hands.”