If you’re serious about protecting your company, then the only answer is yes!
New employees are onboarded are expected to understand and abide by the policies and procedures set out by the organisation. These policies are made to protect the business and should be standard across the board, whether you’re the CEO or an accountant. So, shouldn’t users be educated on the risks that face not only themselves in the online world, but also your business?
Users are your greatest asset, but also the weakest link in the chain. If you have users that aren’t cyber aware, then you are leaving your corporate environment in the hands of cyber attackers. Uneducated users will perform actions without thinking twice. This can result in individuals clicking on phishing emails, which can drop malware and other malicious items onto their computers. They may send their credentials directly to the attacker and they can perform operations based upon the permissions that user has. Depending upon organizational enforcements, this may result in unauthorized Office365 usage which could lead to destruction of sensitive company information, downloading entire users’ mailboxes and so forth.
Another misconception about cyber security within organisations, is the belief that it’s purely IT’s responsibility. However, it’s a group effort from the entire business to ensure that threat actors don’t get into the environment in the first place. It only takes one mistake from one user for a malicious attacker to wreak havoc and potentially tarnish your company’s reputation.
Can ALL your users differentiate between a legitimate email and a phishing email? Do they implement multi-factor authentication on the web applications they use on a day-to-day basis? Do they reuse the same password for every application and device they log into? Do they regularly update the software on their endpoints?
If you’re not sure or confident in the answers to these questions, then you’re removing control from your business and making it easier for cyber threats to eventuate. Breaches and cyber security incidents aren’t an if situation, they are a when situation.
As the old saying goes, “Prevention is better than cure!”
Get your free Cyber security health check here
