Why employees need regular cyber threat spotting practice
It’s hard for us to remember irregular habits, like spotting threats. It’s much easier to remember procedures you do every day or even weekly.
[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row column_structure=”1_2,1_2″ _builder_version=”4.16″ min_height=”670px” custom_padding=”5px||8px|||” global_colors_info=”{}”][et_pb_column type=”1_2″ _builder_version=”4.16″ global_colors_info=”{}”][et_pb_text _builder_version=”4.17.6″ text_font_size=”20px” text_line_height=”1.8em” header_2_line_height=”1.4em” min_height=”596px” custom_margin=”||-1px|||” global_colors_info=”{}”]This goes to why employees need more “safe, regular practice” at spotting threats:
The procedures we learn to do on a daily basis become automatic. These are the tasks of our jobs. We know them well.
Most of us can spot a routine “spam” message as we do our daily email. But when an attacker creates a believable pretext, they create an exception to our normal habit.
Unless we set aside specific time on a regular basis to do email or handle voicemails, each unexpected inquiry is an event that interrupts us from the task we were focusing on. This is when attackers create situations that “short circuit” our normal habits for detecting threats by using emotional triggers.
[/et_pb_text][/et_pb_column][et_pb_column type=”1_2″ _builder_version=”4.16″ global_colors_info=”{}”][et_pb_image src=”https://clickarmor.ca/wp-content/uploads/2022/08/eric-rothermel-FoKO4DpXamQ-unsplash-scaled-1.jpg” alt=”Security awareness paradox” title_text=”eric-rothermel-FoKO4DpXamQ-unsplash” align=”center” _builder_version=”4.23.1″ _module_preset=”default” module_alignment=”center” hover_enabled=”0″ global_colors_info=”{}” sticky_enabled=”0″][/et_pb_image][et_pb_text _builder_version=”4.23.1″ _module_preset=”default” hover_enabled=”0″ sticky_enabled=”0″]Photo by Eric Rothermel on Unsplash
[/et_pb_text][et_pb_cta title=”It’s been a “super-fantastic” experience to see people learning and talking about security threats.” button_url=”https://clickarmor.ca/quick-start-bundle-gamified-security-awareness-training-and-engagement/” button_text=”Start Your 6-Week Quick Start Bundle Now” _builder_version=”4.16″ _module_preset=”default” locked=”off” global_colors_info=”{}”]For just $325 USD, you can run a 6 week, automated program for gamified phishing awareness training and challenges. (Limited time offer. Normally valued at $999 USD)
Use Promo Code: 6WEEKS
[/et_pb_cta][/et_pb_column][/et_pb_row][et_pb_row _builder_version=”4.16″ custom_padding=”8px|||||” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.16″ global_colors_info=”{}”][et_pb_text _builder_version=”4.17.6″ text_font_size=”20px” text_line_height=”1.8em” header_2_line_height=”1.4em” min_height=”8px” custom_margin=”-20px|||||” custom_padding=”4px||0px|||” global_colors_info=”{}”]I once heard a sales coach responding to a class attendee about why a certain line of questioning works. The student had commented that, “These questions are so obvious that the prospect will spot them and will shut down”. The coach then proceeded to ask a series of questions to the prospect that led him into a trap, which he absolutely was not able to spot. The rest of the class was laughing as they realized the trap and the student wasn’t spotting it himself.
This is how effective social engineers work.
Without practicing spotting the subtle techniques used by attackers in a safe environment, we have a hard time spotting a suspicious message.
So, before you get frustrated with employees who fail to spot what looks like an obvious attack, put yourself in their shoes, with all their tasks and habits.
If you don’t give employees a continuous program of exercising good cyber hygiene, in a way that builds their confidence, they will be susceptible to being tricked.
[/et_pb_text][et_pb_button button_url=”https://clickarmor.ca/trial” button_text=”Book a free trial of Click Armor to start strengthening your security culture” button_alignment=”center” _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}”][/et_pb_button][et_pb_text _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}”]
Scott Wright is CEO of Click Armor, the gamified simulation platform that helps businesses avoid breaches by engaging employees to improve their proficiency in making decisions for cyber security risk and corporate compliance. He has over 20 years of cyber security coaching experience and was creator of the Honey Stick Project for Smartphones as a demonstration in measuring human vulnerabilities.
[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row _builder_version=”4.16″ global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.16″ global_colors_info=”{}”][et_pb_post_nav prev_text=”Previous Post” next_text=”Next Post” _builder_version=”4.16″ title_text_color=”#ffffff” background_color=”rgba(14,79,136,0.68)” custom_padding=”5px|10px|5px|10px|true|true” border_radii=”on|4px|4px|4px|4px” border_width_all=”1px” global_colors_info=”{}”][/et_pb_post_nav][/et_pb_column][/et_pb_row][/et_pb_section]