Cybersecurity Threats Are Constantly Evolving
Businesses of all sizes are targets. You can have your network and all of your workstations locked down with the strongest firewalls, antivirus and malware protection, and it won’t mean a thing if one of your employees clicks the wrong link in an email. That’s all it takes.
Your employees are your greatest asset, but they are also a vulnerable point-of-failure for cybersecurity attacks, social engineering attacks, phishing attacks, and more. That’s what makes security awareness training one of the most powerful weapons in your arsenal – it equips your team with the knowledge and skills to identify and defend against cyberattacks, ultimately protecting your business.
Usecure Partnership
We partnered with Usecure, an automated human risk management service, in September of 2023, and the change in just six months has been startling to say the least. Usecure measures your vulnerability to cyberattacks using what they call a Human Risk Score, a number from zero to nine hundred. This score is calculated by counting the number of dark web exposures your company has suffered, the training programs your users have completed, and running phishing simulations on your employees to count how many opened, clicked, and compromised their details. This data is then compared against industry data to form a score that accurately shows how vulnerable your business is relative to other businesses, and the lower your score, the better.
When United Business Systems began our partnership with Usecure, our Human Risk Score was an unhealthy 665, indicating we were more vulnerable than average businesses to phishing and breaches. Upon reviewing this further, over the course of the 40 years our company has been in business, several employees have had their credentials compromised for various websites. When a company has been in business as long as UBS has, this is not an unusual thing to see; however, we still had to act on it. To resolve this, we went through our users that showed up on the dark web scan and started reviewing their details. For any users that were no longer employed, we made sure they were removed from all our systems and then for users that were still employed we enforced a stricter password policy, made easier by using the Watchguard Password Manager. Usecure then began a company-wide campaign of education, with short, ten-to-fifteen-minute security awareness training courses periodically assigned to each and every employee. Meanwhile, Usecure continued to periodically run phishing simulations – sending emails that looked legitimate from well-known companies to test whether our employees would click false links or divulge login information.
As of April 2024, our employees have completed 185 security awareness training courses, and our Human Risk Score has dropped over four hundred points to 261, marking our company as more secure than the average business. Since starting the program, Usecure has run 427 phishing simulations, and out of those, only 18 false links were clicked, and only one user compromised themselves, and that was in November, when the program was still relatively new.
Our Business and Clients’ Data is Safer
Our employees are now equipped with the knowledge to protect themselves, and by extension, protect our company from attacks and threats, and as a result, not a single employee has experienced a breach or had their credentials appear on the dark web in over a year. Our business is safer and our clients’ data is better protected thanks to the skills our employees learned through security awareness training and testing.