In the last autumn newsletter, Bettina Zimmermann wrote about “Cyberattacks – How they happen and how companies can protect themselves against them”. A key question was: “Are employees trained in security risks?” It is known that four out of five cyberattacks start with a successful phishing attack. This means that the person in front of the computer poses the greatest risk, and this is where the greatest impact can be achieved in terms of risk minimization.
Phishing is one of the most common and most dangerous forms of cyberattack, in which fraudsters attempt to steal sensitive data such as passwords, bank details or access codes from unsuspecting victims. They often use fake emails, websites or phone calls pretending to come from trusted senders or organizations. Phishing can lead to significant financial losses, identity theft, data breaches or even blackmail.
To protect against phishing, it is therefore essential that all employees of a company or organization are informed and trained about the risks and signs of phishing. This is because employees are often the first and last line of defense against cyber criminals. If they are able to recognize and report phishing attempts, they can protect themselves and their employer from serious damage.
It’s not that easy. The attacks are getting better and better. Not so long ago, you could recognize phishing emails by their incorrect grammar or bad German. Those days are long gone, and the emails today are of a very high “quality”. Many fraudulent messages either look appealing, such as a notification that a parcel could not be delivered, or they allude to urgent matters, such as a warning that your password has been hacked and needs to be changed urgently. In the midst of hectic everyday life, it is easy to accidentally click on the wrong link, which can lead to the servers being encrypted and the company coming to a standstill.
Users can be trained very effectively through targeted, simulated attacks and their results. Short training videos or small games such as “Who wants to be a millionaire?” sensitize the company’s employees. The campaign normally runs for eight weeks in phase 1. After that, the risk can be assessed very accurately and the training begins. Over the course of a year, users must regularly complete short training sessions of around 15 minutes. Progress is reviewed every three months with new simulated phishing emails. The games and videos are available in many languages and are designed to be entertaining. This progress and growing awareness help users to recognize phishing emails even in hectic times. Every phishing attempt fended off pays for the effort invested many times over.
Cyber security is a shared responsibility that must be borne by all employees of a company or organization. Through effective phishing training, employees can increase their awareness and confidence to protect themselves and their employers from cyber attacks.
Special cyber security training offer for RoBe News readers (in German)