For years now, the cyber threat landscape for businesses of any size has been getting more complex. While there are many reasons behind this, one of significance is the ability for bad actors to use a skilled workforce with technology tools and infrastructure to launch large scale attacks and then quickly personalize those attacks to extract information and ultimately money from their victims. Most people spend time on either a business or personal device each day but haven’t been given the education to properly protect their business or personal information assets from a cyber attack. The good news is that there are companies who specialize in providing end user cyber security training and the cost of their solutions is often quite reasonable for the benefit you gain. Here are a few things to look for in a solution to protect your business:
-
-
- Does the provider have a solution that fits your business and your approach to educating your staff. It’s best to start off with some basics such as basic on-demand training materials, an e-mail phishing simulator, and a dashboard that allows you to track staff utilization and progress. Solutions that use gamification will make it fun (or at least less painful) for your staff and will lead to a better adoption rate of the solution thus building their skills in identifying attacks and protecting your business information and their personal information.
- Choose a solution that will scale over time. As you and your staff build your cyber skills, you’ll want a solution that continues to challenge you and your staff to better protect your business over time. Part of this will be more complex training topics but also look at whether there is the ability to add custom content that is relevant to your business and some of the security challenges it may be facing.
- Determine how you are going to implement the solution and manage it. If you are a small business with stretched resources then see if the provider can help you with this for a fee. They may have a partner network that can perform these services and help you get the most benefit from their solution.
-
Keep in mind that an education solution is always more effective in a supportive work environment. With a cyber security education platform, you may have employees who keep clicking on the phishing simulation e-mails and avoid the training materials. They may feel overwhelmed by their daily volume of work or uncomfortable when it comes to the topic of cyber security so are avoiding the training. Remind them that this training doesn’t require a large investment of time and of the personal and professional benefits. Also, look at rewarding staff for taking the training and doing well with the phishing simulations so there’s a tangible benefit for them.
One question you may have is what will this cost me? Most providers in this space work on a monthly billing model with an annual commitment; you are charged per employee and the monthly fee varies based on the tier of service you choose. Based on previous experience and some recent research I’ve done, you should expect to pay anywhere from $2/month to $6/month per employee depending on what tier of service you choose. If you look at the thousands of dollars that a successful cyber attack can cost a company, this is a reasonable cost to protect your business and to help your staff protect their personal information assets.
If you’d like to discuss how cyber education can play a part in protecting your business, don’t hesitate to reach out to The SMB CIO.