It’s everywhere you turn. Advertisements for security awareness training. The last line of defense. The human firewall.
There’s nothing wrong with training your employees to recognize security exploits. We recommend it. But it should be one part of a holistic defense-in-depth approach to security. Why is that? Because the math of having employee awareness training be your only line of defense is frightening. How frightening?
Let’s assume your employees receive the best possible awareness training. Not only that, but they receive the training continuously for an entire year. Under these ideal conditions, the phish prone percentage will get as low as 2%. That means links in 2% of the malicious emails will still get clicked on by your super-aware employees. Furthermore, recent research indicates that the average employee receives almost five phishing emails per week. Ready for some math?
With thoroughly trained employees receiving an average number of phishing emails, a company with just 10 employees will have its network successfully penetrated once per week. Just for reference, how many network penetrations does it take to deliver malware and compromise an entire organization? One!
The numbers are actually worse than that. Other research has shown that “1 in 4 Workers Are Aware Of Security Guidelines – but Ignore Them.” That means to get phished once per week you only really need about eight highly-trained employees.
You want to train your employees? Go ahead. But make it the first line of defense, not the last. For the last line of defense, get something that protects your company from the 2% of links that get clicked. Get Phishing Protection from DuoCircle.
Phishing Protection from DuoCircle is cloud-based email security solutions with real-time link click protection. DuoCircle doesn’t prevent human error, it protects your company when it inevitably happens.