More than half of U.S. companies and industries fell victim to cyber attacks in the past year. The F.B.I. Reports that 4,000 ransomware attacks take place each day. Statistics suggest that hackers create approximately 230,000 malware programs each year in an effort to gain useful information, disrupt normal operations or experience financial gain. It is not unusual for companies and institutions to lose millions of dollars secondary to an attack. However, security experts believe that educating and training employees is key to ensuring security.
The practice of phishing dates back to medieval times. Countermeasures included ensuring a document came from a position of authority by checking for an official seal. Benjamin Franklin employed the tactic during the Revolutionary War. He would create letters and documents while trying to disguise himself as someone behind enemy lines in order to gain access to important information or to sway the opposition to take detrimental actions.
Employees need to be trained and become more aware of the tactic. They must be educated at all levels. If a communication seems off, do not reply or respond. In order to make workers more conscientious and alert to the problem, companies might adopt disciplinary measures that punish individuals responsible for allowing repeated attacks.
Reinforce Security Measures Daily
Many companies hold periodic security briefings or training sessions. However, employees may not adequately absorb all of the information. When a cyber attack occurs, they may not notice or respond correctly. But, if companies provided the basics then incorporated reminders or bits of information on a daily basis, employees are better tuned into the potential of an attack and become more effective in handling the situation.
Engaged Learning Techniques
Training sessions are often long, boring or contain too much information to be absorbed. However, if companies used methods to make the learning fun, employees are more likely to retain what they learn. Some successful training techniques involve gameplay, leaderboards, rewards or point systems that keep employees engaged. The methods additionally provide trainers with insight as to what material is adequately learned and what areas need further education.
In the event an employee notices a possible attack, they need to know how to handle the situation on the spur of the moment. By having a prepared database in advance, the individual does not have to waste time looking for protocol measures, as the delay could put the company at risk.