Decoding Online Social Engineering: Revealing Tactics and Strengthening Defences
If you are a decision-maker within a business, you must be aware of the risks that social engineering can pose to your organisation...
According to the World Economic Forum’s Global Risks Report (2022), 95% of Cybersecurity issues can be traced back to human error. Human error is often perceived as an outlier when it comes to cybersecurity. However, since it falls under the category of ‘human’, many business owners don’t regard it as a serious problem and often fail to invest in staff training and development as much as they should do.
Large margins of error can be massively reduced by delivering focused and effective training to staff. Read on to find out more about this underrated cybersecurity defence tactic.
Human error & the state of cybersecurity
So we know that human error is, by far, the largest cybersecurity threat. But, before we go any further, let’s look deeper into this topic by returning to the Global Risks Report.
The report also revealed that insider threats represented 43% of all cybersecurity breaches — intentional or accidental. This means that almost half of cybersecurity breaches are caused by the negligence or malpractice of employees (or those affiliated with a business, such as stakeholders or directors).
This gives rise to a pressing need to improve the competence and skill of staff as a direct response to human error. And how can this be done? Training.
The National Cyber Security Centre has emphasised the importance of staff training time and time again. This time, in their Cyber Assessment Framework (CAF), they’ve provided some comprehensive staff training guidance for organisations responsible for important data.
According to the NCSC, “Training and awareness activities should provide appropriate cyber security skills for the job [...] Using a range of approaches to training and awareness can improve understanding and information retention, from briefings, online courses and blogs to simulated cyber attack.”
What does IT training look like?
It’s important to note that IT training is decidedly different from cybersecurity training — and we believe combining the two is needed to comprehensively cover all bases regarding developing staff competence and resilience.
You can read about the benefits of training staff in cybersecurity in another of our blogs here.
Cybersecurity training familiarises staff with different threats and advises on the best course of action to take should they encounter them. IT training, on the other hand, may refer to a broader, blanket approach that seeks to improve the general technical competence of employees in a wide variety of areas.
In a nutshell, any digital process that affects the functionality of a business can be improved with IT training and can look like any of the following things:
- Training on specific programmes and applications such as Microsoft (Word, Excel, PowerPoint), Dell, Webroot & Datto.
- Training to give staff a basic knowledge of essentials such as cloud computing.
- Specialised skills training for unique applications like certain Content Management Systems (CMSs).
- Best practices for maintaining digital infrastructure.
- Compliance training, GDPR skills, and help to obtain necessary certifications such as Cyber Essentials Accreditation.
- General training on best practices for data processing and storage.
- Help with filling the gaps in areas such as software updates as well as hardware maintenance and installation.
How can IT training help reduce human error?
To put it simply, the better an employee understands IT, the lower the chance of human error. The more training staff receive, the smaller the likelihood of mistakes being made that could compromise the integrity of a business’ systems.
And most employees are ready and willing to learn, too. According to a study conducted by LinkedIn Learning, 66% of employees would engage in a training programme if their manager requested it.
What’s more, training your staff can actually lead to greater employee satisfaction and retention rates. The study also found that a staggering 94% of employees would stay with a company for longer on the premise of training opportunities. It’s a win-win situation.
What IT training options are available?
So how can you go about training your staff members on IT best practices? There are various options available, but many organisations choose to start with online courses, such as the NCSC’s Certified Training Course.
While these are a good idea, they tend to take up a lot of valuable employee time and may cover topics unrelated to your business needs.
IT consultancy from experts like ITRM
Bringing in an IT support expert, on the other hand, is a much more viable method in which your staff can be trained while your IT systems receive quality attention.
We at ITRM are a managed service provider offering IT support to businesses across London, Kent, and Essex. Our IT consultants are not only able to advise you on how to improve your current IT systems., but how to improve the tech-based skills of your staff.
To find out more, get in touch with our team of experts today. And, for more strategic business IT insights, browse through our blog.
