Are your employees reporting security issues fast enough… or even at all?

In the ongoing fight for digital security and safety, your team members are your first line of defense.

But what does that mean for them exactly? Hopefully they know not to open that sketchy email attachment or click that suspicious link — but what should they do when they stumble across it?

Their important role as your company’s frontline defenders shouldn’t stop when they hit the “delete” button on the email in question. You need more from them — and they might not know it yet.

Here’s what your team members need to know about what to do once they spot a potential threat.

Overreliance on Security Tools Can Be Dangerous

You might be thinking that your business is protected because you have some security tools in place already. First of all, good for you: you’ve taken the time and effort to get some level of security set up, and that’s a massively important first step.

Having tools in place is way, way better than not having them, but there’s still a danger. Security tools aren’t perfect, yet they can lull users into a false sense of security. An employee who knows that you’ve implemented powerful security tools might ease up a little, figuring that sorta-sketchy email is probably legit because your security software didn’t stop it.

So even with strong security protections in place, your team members need to stay vigilant — and vocal. More on that in a moment.

Security Tools Rely on Reporting Data

Another thing to realize is that cybersecurity is a constantly evolving field. Attackers keep finding new ways to attack, and security providers keep patching vulnerabilities and crafting solutions to those new attacks.

But here’s the thing: for any of that to work, security tools (and the professionals who make them) need data. Some of this gets collected automatically in the course of normal operations, but the old adage is true here: you don’t know what you don’t know. Neither does your spam filter or internet security suite.

If You See Something, Say Something

It’s good advice in lots of areas — including digital security. This is the piece that many employees are missing: many experts estimate that 10% or fewer of employees report suspected phishing emails to their security teams or managed security service providers.

There are plenty of reasons why they don’t. They might be tech-shy and feel awkward about explaining the situation to a techie. What if they’re wrong? What if they don’t get all the terminology right? What if they didn’t do everything quite right, and now they’re afraid of what IT or security might say?

Others might just assume someone else is taking care of this stuff, and many just don’t understand how important this kind of reporting is.

Whatever the reason, a low reporting rate is a problem. If the phishing email made it through to the user, that automatically means the digital protections already in place didn’t pick up on it.

Your security tools didn’t see the threat as a threat — and that isn’t likely to change until someone says something.

Establish Clear Reporting Pathways

Another underrated reason why people don’t report: they don’t know how or where to do it. Do they tell their boss? Walk down to IT? Send an email to the helpdesk? Call the FBI?

Your organization needs a clear method for handling this kind of reporting, and then every single team member needs to know what that method is and how to access it.

As always, education is key. Your team needs regular reminders of what these kinds of attacks look like — and along with that information they also need to know what steps to take when they see a suspected attack.

We can help you fine-tune your digital security tools, implement better and more engaging training, and more. Just reach out to our team to set up a consult!