Making Staff Awareness of Security Threats an Ongoing Process



You may have seen this week that Dropbox links have become the latest vector for phishing and malware attacks to try and harvest user details and valuable business data. Given Dropbox is the leading file storage and sharing application for business this is hardly shocking.  What may be more surprising though is that these latest attacks can be more easily identified, and prevented, if staff are made aware of the potential threat.  This once again highlights the importance of user education in reducing the risk of breaches, as Pentura managing director Steve Smith comments in the article.

Whilst staff training and awareness of cyber-security threats has undoubtedly improved, a common mistake is treating it as a one off box-ticking exercise rather than a continual process.

Incidents such as these just go to demonstrate that a continual awareness programme can be as effective a line of defence as the multitude of software products that are utilised by organisations. Furthermore it really brings home that a lack of security awareness amongst staff can easily undermine all other layers of defence – and is potentially just as dangerous as the attempted attacks themselves.