Technology Will Not Save You From Hackers

I have discussions with clients all the time about technologies that we recommend that will help protect their companies from hackers.  What most people do not understand is that technology itself will not protect a company.  Someone who is attacking your company is using technology to try to get into your systems, but they are the brains behind the attack.  If you put in a piece of equipment to stop the attack, but don’t have any “brains” that are orchestrating your defense, then you will fail.  Technology can only take you so far.

Let’s take phishing emails for example.  Some of the companies are extremely diligent on making sure every employee takes Security Awareness Training.  They follow up with employees who fall for simulated phishing attacks and explain the reasons why they are phishing and training the employees.  I know of other companies who send out security awareness training, and if they get 50% of the people to take the training, they consider that good.  But when one of their employees falls for an actual phish email they blame the technology for letting it through.  The technology is working and does block a majority of the spam/phishing emails.  It isn’t perfect and never will be.  That is why we must train our employees.

What do you do if your employees just won’t bother taking the training?  This is a common problem, with a fairly easy fix.  You need management buy in, meaning they understand the need for the training, and you need to have HR back you up.  Keeping the company safe can be just as important as finishing the project in time.  If your Intellectual Property is stolen, the entire business can go under.  Once people understand the risks and they realize that management and HR take this seriously, people will make the time for training.

If you have questions on how to implement security training in your company, contact Thrive.