Littlefish User Education and Awareness training phishing graphic
Katy Hinchcliffe

About the author

Katy Hinchcliffe: Head of Cyber Security at Littlefish



Share via:

How can organisations use progressive phishing training to keep endpoints safe?

22/03/2019


Users are central to most phishing attacks, someone who, usually inadvertently, gives an attacker a foothold to exploit: users therefore play a critical role in organisation security. Security policy and technologies must enable users to work effectively whilst contributing to a secure environment. A regular, concise and engaging awareness programme increases organisational cyber security knowledge and engenders a security conscious culture.

Unsurprisingly, cyber criminals’ most common user exploitation method is social engineering, delivered by email, which attempts to lure users into performing an action – opening an attachment containing malicious code (file-based), or clicking a link to a malicious website (file-less). In our cloud-based world of frictionless experiences, it feels entirely natural to users – (particularly younger generations who are often more susceptible) – to click on links directing them to web browsers, then enter their credentials: file-less attacks are therefore increasingly difficult to defend against. Highlighting attackers’ latest techniques using realistic examples, providing tips for identifying suspicious emails and teaching users correct reporting procedures are the most effective countermeasures to social engineering.

Simulated phishing attacks support this strategy by regularly delivering ‘fake’ emails to a sample of users. Not only does this provide detailed reporting into susceptibility based on ‘successful’ attack types, by individual user or department, it also;

  • provides the immediate opportunity to deliver education (eg. explainer video) to exploited users while they are highly receptive
  • enables future education & awareness material and delivery to focus on highest risk threats
  • allows anonymised data across all customers to provide benchmarking and isolate trends affecting different organisation types or industries

Supplementing this approach by deploying two-factor authentication – combining something users have (device) with something they know (password) – further mitigates the risk of passwords compromised through credential-harvesting attacks and raises the risk perception of ‘standard login’ applications amongst users.

Learn more about Littlefish’s User Education & Awareness Services.

About Katy Hinchcliffe

Littlefish Head of Cyber Security Katy Hinchcliffe, is a highly regarded cyber security leader. With over a decade’s experience delivering a broad range of cyber security services to enterprise clients for global IT outsourcer Capgemini, notably managing the prevent, detect and respond functions on behalf of Rolls-Royce, Katy is now responsible for developing Littlefish’s Cyber Security practice.

Your People: Security Weakness or Effective Threat Warning System? Turn your biggest security risk into your biggest asset to help defend against potential cyber attacks. Download the 'Your People: Security Weakness or Effective Threat Warning System?' Whitepaper to to learn more. Download now



Read More

Littlefish renews Official Partnership with Nottingham Forest Football Club

30/08/2019

Global Managed IT Services provider Littlefish have renewed its official partnership with Nottingham Forest Football Club for the 2019-20 season, ...


Read More
Croydon Council Photograph

Largest London Borough Seeks Littlefish

26/06/2019

The London Borough of Croydon, the capital’s largest borough by number of households, has signed a £multi-million deal with Managed ...


Read More
Simon White Photo

Littlefish Academy: Learning is a Journey

20/06/2019

Littlefish’s in-house learning Academy offers a range of career-specific learning tracks, offering employees not only the chance to gain the ...


Read More
Littlefish Best Companies One to Watch 2019 Photo

Littlefish Double-Winners

10/05/2019

Can you name the football teams who’ve won ‘The Double’ (the League title and FA Cup in the same year?) ...


Read More
UK Cyber Education Risk photo

UK Education Learns about Cyber Risk the Hard Way

29/04/2019

It is exam time and students across a university are using the Virtual Learning Environment to help with their revision. ...


Read More
Littlefish ITIL v.4 training session

ITIL v4 – A Shared Language of Quality

25/04/2019

Already being ITIL-aligned meant it was a straightforward decision for Littlefish to become early-adopters of version 4 when it was ...


Get in touch

To learn more about how our Managed IT Service solutions can be tailored to meet the needs of your business, contact us over the phone, email or via our Live Chat service.

 

Call Email Live Chat

Littlefish wins Commitment to People Development Award

Nottingham headquartered global Managed IT Services Provider Littlefish won the ‘Commitment to People Development Award’ at the East Midlands Chamber ...

Adam Allcock
Adam Allcock
19/09/2019
Read More
Commitment to People Development Award
Featured Article
Read More

Littlefish renews Official Partnership with Nottingham Forest Football Club

Global Managed IT Services provider Littlefish have renewed its official partnership with Nottingham Forest Football Club for the 2019-20 season, ...

Simon Jenkinson
Simon Jenkinson
30/08/2019
Latest News
Read More
Croydon Council Photograph

Largest London Borough Seeks Littlefish

The London Borough of Croydon, the capital’s largest borough by number of households, has signed a £multi-million deal with Managed ...

Simon Jenkinson
Simon Jenkinson
26/06/2019
Latest News
Read More
Littlefish Best Companies One to Watch 2019 Photo

Littlefish Double-Winners

Can you name the football teams who’ve won ‘The Double’ (the League title and FA Cup in the same year?) ...

Simon Jenkinson
Simon Jenkinson
10/05/2019
Latest News

Our Partners

aq_block_4
aq_block_5
aq_block_6
aq_block_7
aq_block_8
aq_block_10
aq_block_11
aq_block_12
aq_block_13
aq_block_14