50% of employees admit to clicking links from unknown senders. But which 50%? It’s time for a targeted approach to cybersecurity training.
Teaching users with simulated phishing attacks and training is half the battle in the race against phishing attacks. But what about the real test for users? The phishing emails, the unverified USBs, the ones that cripple the customer database on a Sunday at 1am?
Sophos Phish Threat now offers a breakthrough in cybersecurity training. By connecting Sophos Email and Phish Threat, you are able to identify risk users in your organization – those who need a more targeted approach to training.
Look at the connection between Sophos Email and Phish Threat at the video below:
A breakthrough in cybersecurity training
50% of employees admit having clicked on an email link from an unknown sender in the last 6 months that turned out to be malware or a scam (based on a research for Sophos carried out by RWB amongst a panel resulting in 1,010 respondents). Regular attack simulations and security awareness training make all the difference, with existing Phish Threat customers able to reduce susceptibility to attack by 31% in just four tests.
The test provides a report of risk users. It highlights which users are clicking malicious email links, and identifies those who have either been warned or blocked from visiting a website due to its risk profile. You can then enrol those users in Phish Threat simulations and security awareness training with one click.
How can you really protect your organisation?
We should be aware that the greatest risk from attackers is not individual campaigns, but instead sophisticated connected attacks, where vehicles like phishing are used to first penetrate the company’s defences.
Sophos is already the only vendor to offer a layered security defence, with protection at every point of the attack chain. This is why we have been Sophos’ very proud partner for a long time.
We will guide you through all levels of security to give you peace of mind.
Contact us and we will be glad to discuss your firm’s security with you.
Dear readers of our newsletter,
You may still well remember the last year’s madness around the GDPR. If you had a decent adviser, he must have warned you that one of the weakest links in the IT system is the user, and that practice makes perfect. And he tried to convince you together with Darwin that unused organs atrophy and unused knowledge fades. Therefore, users should be educated and trained on a continuous basis. Each employee must undergo training in health and safety at work and fire protection and drivers periodical driver training on top of that. IT training is not a mandatory obligation but should be in the organisation’s interest. This is because a disk containing corporate data getting encrypted only because the accountant opened a suspicious e-mail attachment may be much more expensive than the time spent in the training, provided, e.g., through an e-learning portal, and the fee paid for it.
And how to find out whether your employees really need the training? For example, by testing their vigilance actively.
We hope you enjoy reading our newsletter.