Being aware of the existence of real danger and the consequences it entails on multiple levels is – itself – a tool to defend against it, to protect ourselves.
This is also true in cybersecurity, where security awareness, by sensitizing users and making them aware about the types, methods, and impacts of cyber attacks against computers, servers, networks, mobile devices and corporate data, aims to raise the security level of the entire organization and, therefore, its business.
The current Security Awareness scenario
Some estimates speak of 80-90% of cyber incidents being attributable to human error or staff misbehavior.
Unintentional errors, due to the negligence and carelessness of the company’s internal staff, but also intentional ones made by unfaithful workers carrying out sabotage operations to the detriment of their organization.
This is why it is important to invest in staff training and cybersecurity awareness, to create the necessary awareness in people of cyber threats and the dangers inherent in new technologies.
Here are reported the so-called endogenous causes more often happened in domestic organizations’ attacks, according to a Clusit Report:
- Weak passwords
- Using corporate mobile devices on insecure Wi-Fi networks
- Web surfing on unsecured sites
- Exchanging confidential information using unencrypted USB flash drives
Phishing and spear phishing attacks are also on the rise, with significant impacts on companies both in terms of fraud and stolen data and the operational costs of repairing the material and economic damage caused by cyber incidents.
More than 16 million network users, over one-third of the adult population (37%), have been affected by cyber-attacks.
The damages stand at nearly 3.5 billion euros and more than 2 working days on average per user occupied to remedy the problems generated.
When Security Awareness Falls Short: Why Employees Behave Insecurely
According to the 2021 Gartner Employee UX Survey, over 44% of employees use to have regularly engaged in insecure behavior.
Employees most commonly engage in five types of insecure behavior:
- Poor Password Hygiene: 57% of employees keep passwords in an unencrypted format
- Unclear Personal- Work Interface Boundaries: 36% use personal cloud storage for work
- Negligent Data Handling: 33% share work data with someone who should not have access to it
- Carelessness With Emails: 36% of employees open emails from unknown sources on a work device
- Internet Oversharing: 35% enter sensitive information on nonwork websites like social media
TelsySkills: the first step against cyber vulnerabilities
As it has been shown, in the vast majority of cases, the greatest element of criticality in managing an IT vulnerability concerns people first and foremost.
In fact, the main actors are employees: whether it is a lack of attention to security policies, excessive laxity in the management and storage of data and information, a bad setting of a software or infrastructure component, or simply a phishing attack, according to a Verizon report it is human error that accounts for 82% of security incidents.
So, proper staff training is essential for the security of the entire organization.
Telsy offers TelsySkills, its security awareness solution, an interactive and comprehensive platform that turns employees into the first line of defense against cybercrime.
TelsySkills build up a unique and effective proposal to counter cybercrime, focusing on the human factor as the key to success.
It is an e-learning platform composed of 3 specific modules dedicated to employee training against most vulnerabilities in the IT field, increasing employee awareness through the adoption of the most advanced learning techniques.
The modules are composed as follows:
- Awareness: a dynamic, stimulating and interactive learning path to make employees more aware of using the web.
- Channel: composed of video lecture sessions focused on cyber risks with innovative, engaging, and immersive storytelling.
- Phishing: experiential training with simulated phishing, and smishing campaigns.
Why choose TelsySkills?
- Increase awareness of cyber risks
- Interactive approach and pervasive gamification
- Fully automated and low operational impact for HR, IT and Security functions
- Short, self-paced sessions
Learn more about Telsy’s cyber solutions