CybeReady Recommendation: How to Increase the Efficiency of the Cyber Security Division
News | 31.01.2019
Way to the victory means pursuing a moving target. With each stage passed, a higher and more complex goal is created.
CybeReady training approach is no different. We train all employees year-round using smart adaptive methodology. Our standalone platform reduces the organization’s cybersecurity risk, but it requires virtually zero effort. The longer you continue to work with the program, the better your employees react to phishing attacks, minimize risks and keep your organization ahead of the curve. That's why:
1. Aim for more
As with athletics training, CybeReady helps employees create “anti-phishing muscles” and sharpen their instincts to immediately detect malicious emails when they appear in their inbox. The more often employees practice, the faster they improve. Although the greatest improvements in KPIs are naturally observed during the first 6–12 months, sustained improvement will continue even after 36 months.
2. Use or loose
We live in the information age and forget about things faster than we are willing to admit it. The easiest way to remember important things is to regularly add them to the “top list”. CybeReady's research shows that on average 12 “reminders” per year are exactly what employees need to know.
3. Be ahead
Hackers never stay idle. Phishing attacks are constantly evolving and becoming more sophisticated, targeting employees in the most vulnerable moments. “Staying fit” means exploring new adversaries and knowing what you are facing is an important practice that allows you to avoid getting into new phishing schemes.
4. Be all inclusive
Modern enterprises experience high mobility of employees from outside and inside the organization. Similar to adding new players to a sports team, new employees lag behind their peers, the team is weaker. The longer company postpones training new employees, the higher risk is to the organization.
5. Don't change the winning formula
Thanks to the smart adaptive learning methodology, CybeReady is the only solution that guarantees results in the first 12 months. After you have gathered the results of the first year, keep up the good work, get long-term benefits and avoid unnecessary switching costs.
Why perseverance matters - example of use:
What does termination of training for companies mean? After two years of training in antiphishing modeling, the insurance company had to take a 6-month break due to budget constraints. When resuming training, we noticed the following:
- 25% increase in the high-risk group (“serial clickers”) (compared with data before the break).
- 300% increase in the number of clicks in low complexity campaigns that employees mastered just before taking a break.
It took the company eight months to recover and return to the level of awareness they had before suspending the training program. During this period, the company was at higher risk. These data coincide with our observation: continuous training keeps the staff vigilant for 4-6 months, but, as a rule, after a longer period of time, employee awareness is reduced no matter how long they have been trained before.
As in the case of any sports training, when training in the field of cybersecurity is suspended or stopped altogether, the same skills, which required hard work to develop, gradually deteriorate.
The security department must understand the value of perseverance and strive to constantly train the personnel of their organization. Resilience of employees to phishing attacks is the ultimate victory for all.