Hackers are good. I mean really good. According to the latest Verizon’s Data Breach Investigations Report, more than 75% of the attacks are coming in through email either with an attachment or link.
How many of your employees are up to speed on what they could do to ensure they’re not “the one” who accidentally enables a hacker to penetrate your organization?
On average, phishing emails are getting almost 25% response rates. Take those numbers to your marketing teams. They’ll be impressed! Think about it. If the bad guys send an email to four people in your organization, at least one of them is going to click. Yikes!
It almost makes you want to halt email altogether – or ask the hackers to join your marketing team.
So this is a problem. We get it. But what are you doing to equip your organization with the knowledge and restraint when it comes to email and cybersecurity? How are you training your teams to not click on suspicious, or possibly even not-so-suspicious emails?
Some organizations are taking a pretty hard-lined approach. I recently tried to send an email to someone at IKEA. It took five tries on five different email accounts I owned to actually get one through. And I wasn’t just looking for a missing part for my new IKEA chair. This was legitimate business, a legitimate email exchange. While I’m glad for IKEA that it appears to be really, really secure, yet I wonder how much time its partners are wasting trying to communicate.
Is better end-point protection the answer? Yes. Is better training to your employees about what’s coming in their inboxes and what your teams can do to not be “the one” the answer? Yes. Is cutting your organization off from the rest of society the answer. Probably not.
It’s time to create some awareness among your entire organization. Get your Human Resources teams involved. Create some good cybersecurity training. Take a page from the manufacturing handbook on safety and start communicating how many days, weeks, months (minutes?) it has been since your organization suffered an incident, or worse, a breach? Let people know what they can do to make a difference.
And let’s bring those hacker response rates down to the levels they deserve!