COVID-19 has prompted a global financial slowdown, one which has caught plenty of organisations out. Although hopes of a v-shaped recession abound there’s no denying that, at present, we’re very much on the downswing, rather than the up.
It’s prompted a time of self-reflection and belt-tightening for organisations across the globe. Accordingly, many organisations are halting their cyber security training programs.
We think that’s the wrong path to take. Join us as we share precisely why.
The first and, perhaps, most important thing to note about the current cyber security environment is that far from being less active, we’re witnessing more (and more novel) attacks than before the pandemic began, like that which recently resulted in a death in a German hospital.
According to a recent study, cybercriminals are taking advantage of the uncertainty and unfamiliarity of the pandemic to isolate and attack individuals within organisations.
Indeed, spear-phishing attempts using COVID-specific designs and language have proven to be a remarkably common attack vector, as we covered in a recent blog.
With the variety and frequency of attacks increasing, now isn’t the time to scale back cyber security training.
It’s tempting to believe that we can moth-ball our organisation and simply pull it out of storage when the circumstances are more favourable.
However, we know that simply isn’t the case - especially when it comes to training.
Quite simply, the longer your team goes without training, the longer training will take to be effective when you resume. If you’re merely looking to tick a few compliance boxes, that might be fine, but if you’re trying to create real cultural change, it’s a fast track to failure.
For new behaviours to become second nature, it takes continuous training, regular reinforcement and support from across the organisation. Unfortunately, training isn’t a tap that you can turn on and off and expect to be effective.
If you’re serious about empowering your team to protect your organisation, now isn’t the time to pause your training program.
Working from home has become the new norm over the last six months, but with the move to home offices and personal equipment comes a raft of potential threats which aren’t found when teams are located in your offices.
Cybercriminals are using the lack of in-house security employed at many larger organisations to make opportunistic attacks on your workforce - many of which have never been seen before.
By abandoning training, you weaken your organisations immune response to threats, increasing your chances of breaches and the financial and reputational damage that it entails.
Want to learn more about how training can help build a cyber security culture within your organisation and create resilience from attacks? Get in touch with a member of our team today.