Per the latest statistics, each one of your employees may be the “weakest link” when it comes to allowing hackers into your systems.  Phishing is the easiest form of attack for cyber attackers to carry out and the easiest for your employees to fall for.  Common forms are email attachments or links that distribute trojan malware or ransomware.  Another common method is to include a link to a fake web page built to obtain confidential information.  Per the latest data, an estimated 1.4 million “fake” websites are created every month.

Having a holistic security awareness program will improve your security posture to help prevent access to your valuable data and systems.  We recommend considering the following:

  1. View security awareness as an ongoing component of your information security program, not simply as an annual training exercise.
  2. Although phishing testing remains the most commonly used method to measure training effectiveness, it is not the only method an organization should use to measure security awareness. For example, other data points include incident response metrics, employee monitoring reports, unsanctioned application usage, and sensitive data metrics.
  3. Successful security awareness programs include both executive sponsorship and organization-wide involvement.
  4. If your organization does not have a full-time employee dedicated to security awareness, consider engaging a vendor to provide a Chief Information Security Officer (CISO)-as-a-Service to oversee the program and make improvement recommendations. In addition, look for security awareness platforms to automate and orchestrate elements of security awareness training.

Dewpoint, with our partner KnowBe4, can help increase your organization’s security posture.  KnowBe4 has been named a Leader in The Forrester Wave™: Security Awareness and Training Solutions, Q1 2020. KnowBe4 offers the world’s largest security awareness training platform.  Furthermore, KnowBe4 offers a full range of security, compliance, risk, and governance training.

Dewpoint offers CISO-as-a-Service in addition to security reviews and can implement recommendations to increase your security posture.  With the combined services of Dewpoint and KnowBe4, you will no longer have to worry about your weakest link.  To learn more about Dewpoint security services, click here.
