A Better Understanding of the Cyber Threat Landscape
| Before | After |
|---|---|
| Some employees don’t realise the sophistication of cyber-criminals. Underestimation of the risk and the adversary will significantly influence the way an employee will handle cyber threats. | Our case studies of real-life attack scenarios show just how sophisticated the approach of some cyber criminals can be. This helps change the mindset of any employees who might believe that attacks using social engineering are “obvious” or “easily spotted”. As a result, their IT security behaviours are more likely to be more vigilant. |
The Limitations of Technical Defences
| Before | After |
|---|---|
| Some employees believe that technical defences such as firewalls, email gateways, and end-point anti-virus software can protect against all threats. This can lead to a dangerous sense of complacency. | After our security awareness education programme, employees will understand why modern technical defences cannot protect against every threat. They will understand that even the most sophisticated technical defences cannot prevent social engineering-based attacks. This mindset makes employees much more proactive against threats such as rootkits, trojans, and polymorphic viruses which can circumvent your security defences. |
Employee Accountability Results in a Better IT Security Posture
| Before | After |
|---|---|
| Some employees believe that IT security is not their responsibility. Instead, they believe it’s the responsibility of their IT department or outsourced IT support provider. | Our training informs and reinforces to your employees the pivotal role they play in keeping your organisation secure. |
Emotional Triggers
| Before | After |
|---|---|
| Most social engineering attacks skilfully use emotional triggers to persuade users into clicking on malicious links or attachments. | We show your employees exactly how cyber criminals use emotional triggers in their phishing campaigns. Knowing the techniques of the enemy makes your employees more resilient against cyber threats. |
False Trust Cues
| Before | After |
|---|---|
| Often employees fall for social engineering scams because some cyber-criminals are very skilled in using false trust cues. | Your employees are fully informed on what false trust cues are and how cyber criminals exploit them to persuade users to click on malicious links and download data-stealing malware. |
Device Security
| Before | After |
|---|---|
| Some users will download seemingly harmless applications such as games, productivity software etc. onto their computing devices. Unfortunately, some of these applications are purveyors of data-stealing malware which can result in a data breach or a cyber-attack. | Your employees are fully educated on the hidden risks of seemingly “harmless” internet downloads. This reduces the risk of them inadvertently downloading data-stealing malware onto their computing devices. This improved security posture reduces the risk of a data breach or cyber attack occurring within your organisation. |
Better Password Management
| Before | After |
|---|---|
| Some users devise, use, and manage passwords in an insecure way. This can result in credential theft which culminates in a data breach or a cyber attack. | We educate your employees on the underlying reasons why weak passwords, password reuse, and password sharing can present an IT security risk for your organisation. Secure password usage lowers the risk of a cyber incident occurring in your organisation. |
Invoice Fraud (Business Email Compromise)
| Before | After |
|---|---|
| Irish businesses have lost thousands of Euro to business email compromise attacks. While employees might vaguely know what business email compromise is, a lot are unsure of the dynamics of this very prevalent attack vector. | Your employees are fully versed in how to detect the telltale signs of an invoice fraud attack. |
Spoofing Attacks
| Before | After |
|---|---|
| Some employees are unaware of just how easily websites, apps, SMS text messages, and telephone caller IDs can be spoofed. This attack vector means passwords, cloud platform logins, and bank logins can be stolen. | Your employees are given real-life examples of how easily cyber criminals can spoof trusted entities online. After training, they will be able to deploy our actionable advice on checking the authenticity of a website, SMS, etc. This lowers your organisation’s risk of data or financial loss due to a vishing or smishing attack. |
Social Media Security
| Before | After |
|---|---|
| Many employees believe that email is the main conduit of social engineering-based cyber-attacks. However, more and more cyber criminals are using social media platforms to exploit users. | Your employees will have an awareness and understanding of just how threats like phishing are used on social media platforms. |
How Cyber Criminals Research You and Your Organisation
| Before | After |
|---|---|
| Many employees don’t realise the sophisticated techniques cyber-criminals use to research them and their organisations. The information gleaned about them can be used by cyber criminals to deploy highly convincing attacks. | Employees will have an awareness and understanding of the tools used by cyber criminals to perform pre-attack reconnaissance. Understanding how easily information about them and their organisations can be gathered means the risk of your employees inadvertently divulging information which could be used in an attack using social engineering is greatly reduced. |