Pagoda Blog

All it takes is one. One employee to open one fraudulent email and click one infected link to put your entire business at risk. The best-trained IT team in the world can’t prevent someone else in the company from making this potentially fatal mistake. Uninformed employees are the weakest link in your company’s cybersecurity, but fortunately, there’s a simple solution. This solution is forehead-slapping simple and incredibly effective, yet most companies aren’t utilizing it. Any guesses?

 

The solution is education.

Education is Key

The reason your employees are your weakest link is because they’re uninformed. Seems pretty obvious, right? A one-off or even quarterly training, however, isn’t going to magically create a cybersecurity-savvy team. Employees need to receive ongoing, regular IT security training for the full duration of their employment in order for this simple solution to work.    

 

If you’re wondering how to possibly achieve this daunting, eternal task, don’t fret. We’ve found a cost-effective solution that we’re excited to share with all our readers. In an effort to strengthen our clients’ weakest link, we’ve partnered with KnowBe4, a security awareness training and simulated phishing platform.

KnowBe4 to the Rescue

KnowBe4’s mission is to enable employees to make smarter security decisions. They achieve this through world-class training and simulated phishing attacks. That’s right. Your employees will be put to the test with fake attacks to ensure everyone on your team understands and knows how to spot the variety of evolving techniques used by cybercriminals.

 

There are other similar training programs available, but KnowBe4 is the most accessible and effective training for non-tech experts. Garner, Inc. recently positioned KnowBe4 as a leader in the security awareness Computer-Based Training market based on their ability to execute and their completeness of vision. Based on our own experience so far with this platform, we have to agree.

 

Here’s how the platform works:

 

Step 1: Baseline Testing

Before the training begins, KnowBe4 assesses your team’s susceptibility to phishing attacks with a simulated phishing attack.

 

Step 2: Training

Your team goes through training consisting of interactive modules, videos, games, posters and newsletters.  

 

Step 3: Simulated Phishing Attacks

Automated fake phishing attacks go out to your entire team. You can choose from hundreds of templates or customize the simulated attack to make it as uniquely relevant to your team as possible. The attacks can be timely and pertain to current news.

 

For example, during the devastating aftermath of Hurricane Harvey and Hurricane Irma we sent out test emails for a client that appeared to be from the Red Cross. (This is a very real scenario - cybercriminals are known to imitate trusted organizations to access private data.) You can even customize the landing page the email link directs to. Two effective options for the landing page are:

1. continue the test by luring the targeted employee to fill out a form or enter a username and password or
2. use the page to provide take-away lessons from the simulated attack.  

 

Step 4: Review the Results

After the simulated attacks are sent, you can track and review the results across all your employees. The KnowBe4 system tracks who clicks the clink, who fills out attached forms, and other various levels of compromise. You can also see how much training each employee has received, helping you to identify your weakest links.

 

“You could spend a fortune purchasing technology and services, and your network infrastructure could still remain vulnerable to old-fashioned manipulation.”

— Kevin Mitnick, KnowBe4 security awareness training expert and world-famous hacker

We believe that the KnowBe4 training platform will greatly improve the cybersecurity of our clients’ businesses and the ability to prevent attacks. If you want to learn how to use this training tool for your team, contact us for more details. The below posts from the KnowBe4 blog also offer additional information:

 

Security Awareness Training is a Team Effort

Which of Your Employees Are Most Likely to Expose Your Company to a Cyber Attack?

 

 

Want IT to serve you better?

 

 

 

 

Need ongoing IT support for your business? Contact us for a free consultation. We’d love to work with you!

 

––––––––––––––––––––––––––––––––––––––––––––––––––––––––––

About Pagoda Technologies IT services

Based in Santa Cruz, California, Pagoda Technologies provides trusted IT support to businesses and IT departments throughout Silicon Valley, the San Francisco Bay Area and across the globe. To learn how Pagoda Technologies can help your business, email us at support@pagoda-tech.com to schedule a complimentary IT consultation.