Cybersecurity blog Cybersecurity blog
How to prepare employees for increased cyber attacks?
Facebook Twitter LinkedIn

How to prepare employees for increased cyber attacks?

blank
Ásta Guðrún Helgadóttir
6 min read ∙ Mar 16, 2022
blank

Once again, we are witnessing history unfolding itself at an alarming pace. The consequences of the Russian invasion of Ukraine have been devastating and world powers have taken actions with broad and grave sanctions. Recently, experts have started raising concerns about the possibility of increased cyber attacks. So who needs to prepare for that and how?

Man in front of several computer screens and phones in a dark room, indicating a hacker at work. Companies of all sizes should prepare for increased cyber attacks.

Attacks targeting SMEs and infrastructure

We saw during the Covid-19 pandemic that cybercriminals will attack anyone and anything – even if they promise not to. All organizations, regardless of their size, the industry they belong to, or the geography they do business in, are at risk. Small or medium-sized businesses, or large multi-nationals – every organization is a potential target. Ransomware and phishing attacks are all about casting a wide net, hoping that someone will take the bait. SMEs are increasingly being targeted as their security posture is generally less robust. Having technological measures in place, such as good firewalls or enforcing encryption to scale up your defenses, is not enough. The other things in your cybersecurity toolbox that need to be up to date are your employees. Offering security awareness training and making sure employees know of increased cyber attacks will maximize your organization’s cyber resilience and minimize your risk.

What imminent cyber attacks to expect

Whenever the world is in turmoil cybercriminals use the opportunity to steal data, break into systems, exploit people and jeopardize business operations. Ransomware and phishing attacks are their favorite ways to do just that. 

In the past two years, ransomware attacks have been on the rise, both in frequency and price paid in ransom. Some cybersecurity professionals estimate that up to 74% of these ransomware attacks originate from Russia, the world’s leading “ransomware as a service” provider. 

What is ransomware poster. Text about ransomware and image showing computer icons connected to a network becoming infected. This image is to help prepare for increased cyber attacks.

Hackers mainly request bitcoin as their ransom. Crypto currency is not just a method to hide their criminal trail. It is also a great way to circumvent the current bank sanctions that have recently been put in place. Hackers currently have a lot of experience and might even be established within multiple systems waiting to attack already. It is therefore, only prudent to expect that there will be increased ransomware attacks on multiple fronts.

When it comes to phishing attacks, we expect to see the rise of disaster scams through phishing. Following big global events and catastrophes such as hurricanes, pandemics or war, fraudsters will take advantage of the situation. They will abuse the vulnerability of real victims (e.g. refugees) and the empathy of observers to obtain valuable personal information or money. They may even set up bogus relief funds and ask people to donate.  

Do your employees know how to spot a phishing email?

In a recent study by Verizon, it was estimated that 85% of all cybersecurity breaches are due to human error. Thereof, 36% of breaches were due to phishing, a stark increase of 11% between years. But that’s not all: General lack of knowledge about best cybersecurity practices, ranging from reusing passwords to not password protecting one’s phone, are also common culprits. To protect your organization you need to prepare employees for increased cyber attacks and what they may looks like.

The majority of cybersecurity breaches are not full-blown attacks but rather poking around for vulnerabilities that rely on people’s knowledge and awareness on an individual level to prevent. This can be:

  • Clicking on links in phishing emails that will install malicious software into critical systems
  • Bad password habits, such as re-using passwords or having simple passwords, which makes it easy for hackers to crack into systems or inboxes
  • Not doing critical software updates or accepting updates or downloads from unreliable websites.
This AwareGO training video is a part of our free cybersecurity program available now.

Organizations need to take a top-to-bottom look at their cybersecurity status. As we have seen in previous ransomware attacks, it can happen by just clicking on an innocent link, reusing passwords, or not doing software updates as required. It is not enough to defend critical infrastructures with technological measures only. Raising awareness among employees about best cybersecurity skills is just as important, if not more important, to create holistic cybersecurity defenses for your organization.

Five ways to prepare for increased cyber attacks

  1. Make sure that all software is up to date and remind your employees to install all critical updates to software and remove outdated software and apps from their computers and phones. 
  2. Activate Multi-Factor Authentication where possible. This also applies to employees’ personal social media accounts.
  3. Consider requiring a mandatory password change, especially for accounts that hold critical information or have privileged access. Now is also a good time to introduce password managers as a security requirement in your organization.
  4. Send out regular cybersecurity awareness reminders about the importance of keeping your devices up to date and about phishing, including other methods such as vishing and smishing, which are becoming more common. Feel free to use information and screenshots from our School of Phish guidebook.
  5. Introduce regular cybersecurity awareness training that is designed for adult learners. This means regular, bite-sized training that fits into a busy schedule and introduces various security topics incrementally.
Group of people of mixed ethnicity sitting and standing by a conference table in office. Computer, tablets and writing pads on the table. Indicating cybersecurity training because organizations need to prepare for increased cyber attacks.

How to build cyber resilience?

Studies and reports from multiple sources, such as Aberdeen Group and Global Market Estimates suggest that security awareness training can minimize cyber risks by up to 70% and give organizations an ROI of about 5-times.

Two people walking through an office looking at a tablet. Superimposed image show that they are looking at a security awareness training program. Organizations need to prepare for increased cyber attacks.

It is AwareGO’s mission to make the world a more cybersecure place. Due to global events and increased cyber attacks we want to help organizations out by giving them a chance to train now and train fast to be better prepared. There might not be time to do a lengthy procurement and inspection of every online course out there. To save time and money we have added relevant training materials to our already free cybersecurity training program. You can sign up for free and train up to 500 people in two weeks. Our platform is easy to manage so you can start training in a matter of minutes. Send out the free training package all at once or spread it out through a few days to avoid training fatigue.

Free cybersecurity training. Now is the time!

Your employees are already aware of imminent and increased cyber attacks. Therefore, they will be more open to receiving training. Now is the time! The free cybersecurity training course will only be available for a limited time. We have hand-picked relevant micro-learning videos that focus on the most common tactics that hackers use to trick people and gain access to sensitive data. 

Image screenshot from AwareGO cybersecurity awareness training platform. Pointer selecting a video about ransomware attacks. Image to prepare organizations for increased cyber attacks.

The free training program includes training on:

  • Phishing tactics and how to recognize phishing emails
  • Ransomware attacks and how to avoid them
  • Best practices on password handling, including multi-factor authentication and good password habits
  • Updating software from trusted sources and the dangers of extortion emails
  • Other cybersecurity vulnerabilities that rely on human behavior on an individual level to work, such as software updates.
Get our free cybersecurity training program for free!

Sign up – no credit card or commitment needed.

blank
blank
Ásta Guðrún Helgadóttir
6 min read ∙ Mar 16, 2022

Become cyber secure

You and your employees are going to love AwareGO. It’s a modern, cloud-based system for managing human risk, from assessment to remediation. We’ve made it super easy — schedule your first assessment or training in minutes.

Get started for free and give it a go right now.

You’ll love the way AwareGO can fit into your existing infrastructure. Our robust APIs, widgets, and content available in SCORM format make sure that the integration is seamless. We also integrate with Active Directory, Google Workspace, and popular tools like Slack and Teams.

Contact us and our experts will recommend the best way to integrate.

Upgrade your cybersecurity business by adding human risk management to your existing portfolio of services. Increase your deal size by leveraging Human Risk Assessment or offering Security Awareness Training to your current customers and creating a new revenue stream.

Contact us to become an AwareGO partner, and we will support you every step of the way.

Join top companies worldwide in the mission to make workplaces cyber-safe

Get started free
blank blank blank blank blank blank blank blank blank blank