What are the key challenges facing employees when it comes to phishing attacks?

Humans are often described as the weakest link in an organization’s security posture, and ‘human error’ is frequently given as the reason an attacker was able to breach an organization’s network. That human error may come through phishing emails, where cybercriminals send employees large numbers of targeted malicious messages disguised as coming from a trusted source. An employee only has to click once on a malicious link in an email that looks genuine for a potentially catastrophic security incident to take place, one that could then cost millions of pounds.

While attackers continue to get better at crafting social engineering techniques, such as phishing attacks, to deceive their victims, many organizations still treat Security Awareness Training as a tick-box exercise for teaching their employees about email security. In reality, employees can be part of a solution that protects the company from cyber-attacks, rather than the source of the problem.

How should organizations be approaching Security Awareness Training (SAT)? 
