The Secret to not Getting Phished? Stop Relying on Just Phishing Simulations

Let’s be frank. 42% of IT managers still believe it suffices to test their employees’ cyber security knowledge by just sending them phishing simulation emails. Box: checked. Company: secure.

But of course, it’s not that simple. Only a part of hacking attempts happens through phishing. Therefore, just sending out phishing simulations risks creating a false sense of security. According to incident data, biweekly cyber security trainings not only enhance your employees’ overall cyber security resilience but also improve their ability to spot phishing e-mails. Win-win.

Another important part of the holistic approach is implementing cyber hygiene practices. Employees need to maintain their apps and devices on a regular basis. The Phished Platform guides them in configuring the most optimal privacy and security settings. That’s crucial to improve your employees’ cyber security resilience. Remember: around 50% (!) of the apps & devices we use day to day in the workplace are not secure – precisely because people don’t take a moment to execute these security settings and updates.

What the incident data also teach us, is that companies that are updating their employees on threats via our threat alerts experience far fewer cyber events. That’s because our threat alerts inform employees on the most recent scams hackers are using. This is necessary since, in this ever-changing digital landscape, scammers are always innovating.

If you combine our phishing simulation e-mails with the training sessions and cyber hygiene practices, and your employees are reading our treat alerts, you are approaching a near-perfect zero-incident rate due to human error.

The numbers are clear: of the 3.050 Phished customers, there are currently approximately 1250 who implement the full holistic approach. Of those, zero experienced cyber incidents due to human error.

Jo Vandebergh

CEO Phished