Do We Need Employee Cybersecurity Training?

by | Oct 17, 2019 | Business IT News and Information For Small to Large Companies In Polk County

Cybersecurity Training in Lakeland, FL

Without a doubt, yes. Unfortunately, many businesses in Lakeland still aren’t doing this. They don’t realize that their employees are the weakest link in their cybersecurity. Here’s what you should know and do if you want to keep your business IT secure.

Did you know?… 95% of data breaches are caused by human error. This is a staggering statistic. Especially because if these employees had been properly trained to recognize cyber threats, the majority of data breaches might not have occurred.

Traditional forms of cybersecurity include things like anti-spam, anti-virus, anti-malware and next-generation firewalls to limit the chance that your employees will cause a security breach. The right spam filtering can stop malicious emails from ever showing up on your employees’ computers in the first place.

This is all great, but here’s the problem…

This Is An Example Of What Can Happen Without Employee Cybersecurity Training

This really happened. An ethical hacker was hired by a bank in Florida to test their cybersecurity. The bank’s employees didn’t know this.

The hacker ran into the bank one day saying that he was desperate to print off some papers for a presentation he had to give. He explained that he had spilled coffee on his report and needed help.

He asked one of the bank’s employees to put a thumb drive into her computer to print off some documents for him.

She did!… Had he been a real hacker, he could have downloaded malware onto the bank’s IT system! If this employee had been appropriately trained, she never would have done this.

What Is Cybersecurity Training?

It’s an education process that will teach your employees about cybersecurity, IT best practices, and even regulatory compliance. And, it’s the best way to arm your employees to be your first line of cyber defense.

A comprehensive cybersecurity awareness program will train your employees about a variety of IT, security and other business-related topics.

These may include how to:

  • Avoid phishing and other types of social engineering cyberattacks;
  • Spot potential malware behaviors;
  • Report possible security threats;
  • Follow company IT policies and best practices; and
  • Adhere to any data privacy and compliance requirements like HIPAA, PCI DSS and GDPR.

ay include how to avoid

What Takes Place During Cybersecurity Training?

  1. It starts with a Baseline Awareness Training for your staff. This annual, one-hour training includes facts as well as case studies with examples like the one we just mentioned.
  2. Then your employees will receive weekly, one-minute trainings to show them what’s currently happening with cybersecurity to keep them up-to-date on the latest threats. This is presented to them via email.
  3. Your employees will also be sent simulated phishing attempts. These are emails pretending to be someone or a company they trust, requesting them to click on a link. There will be recognizable errors like the wrong sender email, the image from a multi-billion dollar company in a low resolution, etc. This will give you a baseline score for each of your employees.
  4. The employees who are on the lower end of your scoring will be provided additional training. There’s custom training for each score level.
  5. You’ll receive a written security policy for your organization about what your employees should be trained on.
  6. Your employee risk will be measured, and a report provided to management, so you know the positives and negatives regarding the status of your team’s ability to prevent IT exploits.

Will Our Employees Need Regular Training?


With regular training that includes phishing simulations, courses on IT and security best practices and data protection and compliance training, you can:

  • Significantly reduce risk.
  • Decrease infections and related help desk costs,
  • Protect your reputation with fewer breaches, and
  • Secure your overall cybersecurity investment.

People need to be reminded often about cyber threats. Plus, there are always new threats coming along, so it’s essential to not only keep your cybersecurity solutions up-to-date but your employees too.

In Conclusion

Your staff can have a significant effect on your cybersecurity; either they know enough to keep your assets secure, or they don’t, and thus present a serious threat to your security.

You certainly want us to come in and assess your IT network for vulnerabilities. And you still need a layered, up-to-date IT security plan and implementation…But the human factor is still the biggest risk factor in most equations.

Your staff can be your greatest asset or your weakest link. It depends on whether you take data security seriously enough to make sure that they are trained several times a year.

Do your employees have the knowledge they need to spot cybercrime scams, avoid common pitfalls and keep your data secure? You won’t know unless they are regularly trained and tested.

Don’t be like the bank that could have been hacked. An investment in cybersecurity training is much less expensive than a data breach.

Get the training you need for your business in Lakeland, Florida.

In the meantime, if you found this information helpful, visit our Blog to learn more about computer and IT security.