“95% of cyber breaches occur due to human error.” 

World Economic Forum’s The Global Risks Report 2022

Training staff to be cyber aware is crucial for any business to mitigate the risks associated with cyber threats and to create a more resilient and secure organisation.

Here are our suggestions to empower your employees to be cyber aware.

1. Regular Training Sessions 

Conduct regular cyber security training sessions for all employees, not just IT staff. Training should be ongoing to keep employees informed about emerging threats and best practices.

2. Interactive Learning

Utilise interactive and engaging training methods such as simulations, quizzes and real-world scenarios to reinforce learning and encourage active participation. You can find some self assessment quizzes here Quiz library | Cyber.gov.au

3. Phishing Awareness

Teach employees how to recognise and report phishing attempts, which are among the most common and successful cyber-attacks. Use simulated phishing exercise to provide hands on experience in identifying suspicious emails – Business email compromise | Cyber.gov.au Types of scams | Cyber.gov.au Recognise and report scams | Cyber.gov.au

4. Password Hygiene

Educate employees about the importance of strong passwords, password hygiene and the risks or password reuse. Encourage the use of password managers to generate and securely store complex passwords. 

5. Data Protection Practices 

Train employees on data protection best practices, including secure handling of sensitive information, encryption and secure file sharing methods. 

6. Device Security

Educate employees on the importance of keeping their devices (computers, smartphones, tablets) secure by installing updates, using anti-virus software and avoiding public Wi-Fi networks for sensitive tasks.

7. Physical Security Awareness

Remind employees about the importance of physical security measures, such as locking their workstations when away from their desks and reporting any suspicious individuals or activities.