Framework Computer disclosed a data breach exposing the personal information of an undisclosed number of customers after Keating Consulting Group, its accounting service provider, fell victim to a phishing attack.
It is unfortunate. The company I work for enrols all employees in training that takes place every month or so (regardless of your role). They also send out fake phishing emails every so often, and those who interact with them are automatically enrolled in additional training. Stats are anonymous, but apparently interactions with those fake phishing emails have drastically reduced. Training absolutely helps, but it needs to be consistent to keep security on everyone’s mind.
This is exactly the case. It’s not continuous training. It’s often one time training at hire then never mentioned again until something happens, like this.
Phishing and Social Engineering attacks can target anyone in a company. Everyone needs consistent training to keep it in their mind and not become complacent.
Even if they take the training it’s often not regularly, not enforced, and generally encouraged to ignore.
It is unfortunate. The company I work for enrols all employees in training that takes place every month or so (regardless of your role). They also send out fake phishing emails every so often, and those who interact with them are automatically enrolled in additional training. Stats are anonymous, but apparently interactions with those fake phishing emails have drastically reduced. Training absolutely helps, but it needs to be consistent to keep security on everyone’s mind.
This is exactly the case. It’s not continuous training. It’s often one time training at hire then never mentioned again until something happens, like this.
https://youtube.com/shorts/VAWwtjtRM98?si=bBJlan5KAI7ihwlO
Phishing and Social Engineering attacks can target anyone in a company. Everyone needs consistent training to keep it in their mind and not become complacent.