Littlefish User Education and Awareness training phishing graphic
Katy Hinchcliffe

About the author

Katy Hinchcliffe: Head of Cyber Security at Littlefish



Share via:

How can organisations use progressive phishing training to keep endpoints safe?

22/03/2019


Users are central to most phishing attacks, someone who, usually inadvertently, gives an attacker a foothold to exploit: users therefore play a critical role in organisation security. Security policy and technologies must enable users to work effectively whilst contributing to a secure environment. A regular, concise and engaging awareness programme increases organisational cyber security knowledge and engenders a security conscious culture.

Unsurprisingly, cyber criminals’ most common user exploitation method is social engineering, delivered by email, which attempts to lure users into performing an action – opening an attachment containing malicious code (file-based), or clicking a link to a malicious website (file-less). In our cloud-based world of frictionless experiences, it feels entirely natural to users – (particularly younger generations who are often more susceptible) – to click on links directing them to web browsers, then enter their credentials: file-less attacks are therefore increasingly difficult to defend against. Highlighting attackers’ latest techniques using realistic examples, providing tips for identifying suspicious emails and teaching users correct reporting procedures are the most effective countermeasures to social engineering.

Simulated phishing attacks support this strategy by regularly delivering ‘fake’ emails to a sample of users. Not only does this provide detailed reporting into susceptibility based on ‘successful’ attack types, by individual user or department, it also;

  • provides the immediate opportunity to deliver education (eg. explainer video) to exploited users while they are highly receptive
  • enables future education & awareness material and delivery to focus on highest risk threats
  • allows anonymised data across all customers to provide benchmarking and isolate trends affecting different organisation types or industries

Supplementing this approach by deploying two-factor authentication – combining something users have (device) with something they know (password) – further mitigates the risk of passwords compromised through credential-harvesting attacks and raises the risk perception of ‘standard login’ applications amongst users.

Learn more about Littlefish’s User Education & Awareness Services.

About Katy Hinchcliffe

Littlefish Head of Cyber Security Katy Hinchcliffe, is a highly regarded cyber security leader. With over a decade’s experience delivering a broad range of cyber security services to enterprise clients for global IT outsourcer Capgemini, notably managing the prevent, detect and respond functions on behalf of Rolls-Royce, Katy is now responsible for developing Littlefish’s Cyber Security practice.

Your People: Security Weakness or Effective Threat Warning System? Turn your biggest security risk into your biggest asset to help defend against potential cyber attacks. Download the 'Your People: Security Weakness or Effective Threat Warning System?' Whitepaper to to learn more. Download now



Read More
Simon White Photo

Littlefish Academy: Learning is a Journey

20/06/2019

Littlefish’s in-house learning Academy offers a range of career-specific learning tracks, offering employees not only the chance to gain the ...


Read More
Littlefish Best Companies One to Watch 2019 Photo

Littlefish Double-Winners

10/05/2019

Can you name the football teams who’ve won ‘The Double’ (the League title and FA Cup in the same year?) ...


Read More
UK Cyber Education Risk photo

UK Education Learns about Cyber Risk the Hard Way

29/04/2019

It is exam time and students across a university are using the Virtual Learning Environment to help with their revision. ...


Read More
Littlefish ITIL v.4 training session

ITIL v4 – A Shared Language of Quality

25/04/2019

Already being ITIL-aligned meant it was a straightforward decision for Littlefish to become early-adopters of version 4 when it was ...


Read More
Cyber Security Passwords photo

Liverpool FC declared Champions of Guessable Passwords

25/04/2019

When it comes to Premier League football teams and guessable passwords, Liverpool are already confirmed as champions and Chelsea are ...


Read More
Littlefish Cyber Security User Education Awareness Header

Latest Government Cyber Security Survey indicates Growing Awareness but Action Needed

08/04/2019

The latest Cyber Security survey from the Government’s Department for Digital, Culture, Media & Sport, released April 3rd, reports a ...


Get in touch

To learn more about how our Managed IT Service solutions can be tailored to meet the needs of your business, contact us over the phone, email or via our Live Chat service.

 

Call Email Live Chat

Largest London Borough Seeks Littlefish

The London Borough of Croydon, the capital’s largest borough by number of households, has signed a £multi-million deal with Managed ...

Simon Jenkinson
Simon Jenkinson
26/06/2019
Read More
Croydon Council Photograph
Featured Article
Read More
Simon White Photo

Littlefish Academy: Learning is a Journey

Littlefish’s in-house learning Academy offers a range of career-specific learning tracks, offering employees not only the chance to gain the ...

Emma Maraio
Emma Maraio
20/06/2019
Latest News
Read More
Littlefish Best Companies One to Watch 2019 Photo

Littlefish Double-Winners

Can you name the football teams who’ve won ‘The Double’ (the League title and FA Cup in the same year?) ...

Simon Jenkinson
Simon Jenkinson
10/05/2019
Latest News
Read More
Littlefish ITIL v.4 training session

ITIL v4 – A Shared Language of Quality

Already being ITIL-aligned meant it was a straightforward decision for Littlefish to become early-adopters of version 4 when it was ...

Emma Maraio
Emma Maraio
25/04/2019
Latest News

Our Partners

aq_block_4
aq_block_5
aq_block_6
aq_block_7
aq_block_8
aq_block_10
aq_block_11
aq_block_12
aq_block_13
aq_block_14