Skip links

Phishing Phriday #2 – Your role in cyber security as an employee

Read more about Your role in cyber security as an employee

Welcome back, everyone, to another episode of Phishing Phriday! Today, we’re delving into the critical role that the average employee plays in maintaining cybersecurity within organizations.

In our discussion, we started with an analogy. Imagine you’re a business owner with a fleet of trucks and a stack of new computers. Which of these assets do you think typically has more defined policies and training around its usage? Surprisingly, it’s often the trucks. We all know the rules of the road—no drinking and driving, no speeding, and no unauthorized use for personal tasks. However, when it comes to computers, we often hand them over to employees with minimal guidance beyond setting up passwords.

The point is, if someone crashes a truck, it’s a loss, but it’s contained. However, a compromised computer can have far-reaching consequences for the entire organization.

It’s important to highlight that while technological solutions like firewalls are essential, they can’t fully protect against human error, which is often exploited in cyberattacks. Around 90% of successful cyberattacks start with human error, typically through methods like phishing emails, text messages, or phone calls.

Email phishing, in particular, remains one of the most common attack vectors. Clicking on malicious links or attachments can lead to stolen passwords or inadvertently granting access to cybercriminals. Moreover, social engineering tactics, such as impersonating colleagues or gathering information from social media, can enhance the effectiveness of these attacks.

We discussed real-world examples, such as a cyber incident where attackers used AI-generated voice synthesis to impersonate IT personnel and extract sensitive information from the help desk.

So, how do we prevent these threats? Training employees is paramount. By regularly educating staff on cybersecurity best practices and making it an integral part of their roles, businesses can significantly reduce the risk of human error. Incorporating cybersecurity awareness training into employees’ job descriptions and promoting engagement through incentives can be effective strategies.

As we wrapped up our discussion, we emphasized the importance of ongoing cybersecurity awareness and the need for businesses to remain vigilant against evolving threats.

Thank you for joining us for another episode of Phishing Phriday. Stay tuned for our next instalment, where we’ll delve even deeper into cybersecurity awareness to safeguard you and your business. Until then, stay safe online!

Watch our most recent Phishing Phriday videos here

president tier 818x1024 1

Hi, I'm Jesse and I look forward to speaking with you.

An IT Support partner that you can trust.

I’m proud of the team we’ve assembled and the service they provide to our clients.  It’s because of them that we’re able to make a positive impact in our clients’ businesses and the communities we serve.

Our clients run businesses that depend on technology to operate but don’t have the expertise in-house to manage all the aspects of their Information Technology.  Our unique service delivery model is focused on a business first approach whereby we seek to understand what you’re trying to achieve, and how technology can help you move closer to those goals.  I’d love to connect with you to talk about how we might be able to help you improve the Stability, Security, Strategy, and Supportability of your network.