• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar

Red Sift Blog

Democratizing technology essential for cybersecurity.

Red Sift Blog
  • redsift.com
  • Featured
  • About
  • Get in touch
You are here: Home / OnINBOX / How effective is Company-wide Phishing Training?

How effective is Company-wide Phishing Training?

by Murtazah Shah
December 15, 2020December 15, 2020Filed under:
  • OnINBOX

No matter how well built your infrastructure is, your last line of defense is the human interaction, or the “human firewall”. A phishing email is still one of the most common attacks for cybercriminals to gain access to a company’s infrastructure. With this in mind, security management teams are finding new ways to protect their organization from these types of attacks, one of which is phishing training.

A cyberattack can have multiple negative effects for an organization such as:

  • A decrease in the number of new customers
  • Existing customers wanting to leave 
  • Reputational damage 
  • Financial costs for threat remediation

According to Verizon’s 2018 Data Breach Investigations Report, 30% of phishing messages get opened by targeted users.

With appealing opening rates such as these, it’s no wonder cybercriminals continue to target victims both weak and strong.

How Phishing Training can help an organization:

  • Reporting data – Some phishing training software providers show data about attachments opened, number of clicks, and if the email was reported to the security team. This will allow you to identify individuals within your organization who consistently fail the phishing simulation.
  • Awareness of phishing attacks –  Phishing attack simulation shows your employees how successful an attack can potentially be. This can raise awareness within your workforce about a vulnerability that currently exists.

Common challenges around Phishing Training:

  • Cybersecurity may not be everyone’s forte – Your workforce is the best at what they do. However not all employees will fully understand phishing training and as cyber attacks develop, this could leave a potential blind spot within your organization.
  • Time and resources – Old habits are hard to break. Phishing training is an ongoing process that requires employees to take time out of their day-to-day tasks to keep on top of these simulated attacks. As a result, people may rush through the training modules in order to return back to their usual work, resulting in inaccurate reporting data.
  • Information overload – Employees have to remember a lot of information every day. Adding phishing training and internal policies on top of everyday tasks can cause information overload for employees, potentially leading to rushed decisions such as forgetting to double-check that the from address aligns with a record in the system.
  • Blame culture – Phishing training and the subsequent testing promotes a culture of blame. Whilst testing helps to identify the people who regularly fail the training, the continual re-testing can be viewed by employees as unfair treatment or even punishment.

How to improve Phishing Training

Although phishing training increases employee awareness about potential threats, the majority of training tools will present your employees as the biggest vulnerability to your organization. Often, the training provided may not be as up to date as some of the real-life phishing attacks, making it impossible for your employees to be able to identify all types of cyberattack and leaving vulnerabilities. Providing your employees with tools that compliment existing phishing training can significantly reduce the impact of these threats. 

OnINBOX by Red Sift replaces employee guesswork with expertise by acting as a security expert inside every email, providing a rigorous technical risk assessment before telling the recipient if it’s safe to trust the email or not when they open it. Everyone in your organization can be empowered by risk indicators inside the email itself to help them confidently spot risks, effectively reducing the burden of false positives on security teams and removing the “train and blame” culture. 

Try OnINBOX free today!

Getting started with OnINBOX is simple, no software installation required and centralized deployment for Office 365 and G suite mailboxes can be set up with just a few clicks!

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to share on Facebook (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)

Related

Tagged:
  • Phishing
  • threat detection
  • training

Post navigation

Previous Post Funding Secured: Cyber Challenges in an SEC-regulated Environment
Next Post Last Christmas, I gave you my heart, my bank codes and my online identity

Primary Sidebar

Recent Posts

  • Red Sift announces Gold sponsorship of the 2021 Inbox Expo Virtual Event
  • Does email security translate in to market value?
  • 2021 The Threat Landscape: Brand protection and BEC attacks lead the charge
  • OnDMARC Wins “Best-Of DMARC” Award On Review Platform Expert Insights
  • The case for embracing DORA

Archives

  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • February 2018
  • January 2018
  • December 2017
  • November 2017
  • October 2017
  • September 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • November 2016
  • October 2016
  • February 2016

Categories

  • AI
  • BEC
  • Coronavirus
  • Cybersecurity
  • Deliverability
  • DMARC
  • Email
  • Finance
  • Labs
  • News
  • OnINBOX
  • Partner Program
  • Red Sift Tools
  • Uncategorized
  • Work @ Red Sift

Copyright © 2021 · Milan Pro on Genesis Framework · WordPress · Log in