Cybersecurity training

What your employees need to know about cybersecurity

The majority of business is performed online in today’s hyper-connected world. That’s why protecting your data is just as important as securing your physical office location.

However, your data is only as secure as the people who have access to it. Cybersecurity training for employees should be an important part of any data security plan.

Below are a few of the top cybersecurity threats your employees need to be aware of.


Phishing is a malicious attack that tries to trick individuals into providing sensitive information like passwords or account details. These attacks usually come via email enticing you to click external links which contain malware. They can also occur via social media, text messaging and even through phone calls.

What makes phishing so dangerous is that most people don’t realize they’re being attacked. The large volume of messages sent usually leads to somebody getting caught.

Spear phishing

Spear phishing is a more dangerous form of regular phishing because it targets a specific user. These emails use private information to pose as someone in your email list or as an organization you may be familiar with. This way they seem more trustworthy.

As you would expect, these attacks are far more effective than regular phishing. According to a study done by Phishme in 2016, about 91% of cyber attacks and the resulting data breach began with a spear phishing attack.

To avoid these attacks, train your employees to always be suspicious of emails that ask you to click a link or provide specific information. Be aware of emails that have poor spelling, punctuation, and grammar.

Related: How to protect your data when you’re working remotely


Ransomware is a form of malware that blocks access to your computer or data until a ransom is paid. These types of attacks tend to make headlines for extracting billions of dollars from businesses.

Most recently, a hospital in Indiana was forced to pay $55,000 to regain access to its data. The U.S. Department of Homeland Security reports an increase in ransomware attacks and notes that data recovery isn’t always guaranteed.

The best ways to reduce your risk of ransomware attacks is to train your employees to recognize the signs of a ransomware attack such as files that won’t open, missing file extensions or lock screens that prevent access to information. Other cybersecurity measures you can take are to restrict employee access to some of your most sensitive data and perform regular backups of important information.

Read More: The SMB owner’s guide to stopping ransomware

Passwords best practices

Although having strong passwords is a relatively low-tech method of security, it is one of the most fundamental and practical ways to enhance cybersecurity. Unfortunately, this is also one of the least practiced security measures according to the Center for Internet Security.

The good news is that creating good passwords isn’t difficult and they can go a long way in securing your system. With a few quick password guidelines, your employees can make sure their passwords are good enough to protect your business from the risk of a data breach.

Read More: Are passwords passé?

Breach fatigue

Breach fatigue is the slow cultural acceptance and normalization of data breaches. This isn’t surprising, given the almost daily news reports of new data breaches. Just recently it was reported that Marriott had about 500 million guest’s information stolen.

Data breach fatigue is a real and dangerous problem because it could lead to your employees being less inclined to follow the right protocols. Luckily, there are steps you can take to fight breach fatigue. Work to change workplace attitudes around data security by frequently reminding employees about the potential dangers.

Cybercrime can occur when you least expect it and cybersecurity begins with the employees who run the data systems that your business relies on.

Contact your managed IT services provider to help to ensure your employees have the proper training to keep your business safe from the inside out.