How Often Should You Conduct Cybersecurity Training?

October 18, 2022

With threats constantly evolving, it’s probably more frequently than you think

There’s never been a better time than now to update everyone in your organization on the latest cybersecurity threats and how to prevent them. It’s October – Cybersecurity Awareness Month. At Konica Minolta and All Covered, we’re aligning with the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) to help raise awareness of the attacks that threaten every organization, big or small. The focus this year is on personal responsibility, because as the CISA and NCA point out, the best approach is to “See Yourself in Cyber.”

According to Forbes, only 50 percent of U.S. businesses have a cybersecurity plan in place, and 32 percent of those businesses haven’t updated their plan since the pandemic began and forced them into remote and hybrid operations. Cybercrime itself is a huge business. In 2021 alone, it cost U.S. businesses more than $6.9 billion. And while your employees are among your biggest assets, they can also be your biggest liability. Well-trained and aware employees can become your first line of defense, spot indications of an attack and alert your IT or cybersecurity team. But an untrained employee can stumble into something that causes millions of dollars.

We’re all living and working in a world that’s in a massive digital transformation, and this has only compounded the huge rise in cyberattacks. Companies are increasingly being threatened by cyber crooks that are constantly using new attack methods in addition to exploiting the enormous capabilities of artificial intelligence (AI) and machine learning (ML) to carry out attacks. Because the threat surface and various types of attacks have expanded exponentially in recent years, keeping your people up to date on cyber safety is more important than ever.

Organizations with hybrid workforces are at even greater risk

One report from 2020 showed that 20 percent of organizations had a breach due to a remote worker, leading to increased and unexpected costs to resolve the data breach or malware attack. Another report revealed that the average cost of a data breach rose by more than $1M when remote work was one of the causes – and it took 58 days longer to identify and contain the breach for organizations with a remote workforce.

With WFH largely here to stay, those risks remain, and many organizations still aren’t properly protected. Businesses need to protect their employees from internet-based threats and deploy the newest endpoint tools on employee devices. But training to increase awareness is also key. So it’s critical to make sure your people working remotely are included in all training sessions.

Schedule cybersecurity training updates at least every four to six months

Depending on the type of industry you’re in, and how dramatically a data breach of sensitive information or a ransomware attack could affect your business, you may even want to create a program of more frequent updates. But training sessions every four to six months is a good starting point. According to a study conducted by the Advanced Computing Systems Association, also known as USENIX, researchers discovered that employees could still easily spot phishing emails four months after their initial training. But after six months, the same employees began to forget what they had learned.

We’re only human, after all

Employees are people, and people make mistakes. But all it takes is one mistake (read: click) for an employee to unwittingly open the door to your business infrastructure and allow an attacker access to proprietary and sensitive information, compromising your daily operations, your customers’ personal data, even shutting your business down due to ransomware attack. It’s important to learn and follow cybersecurity best practices and become aware of trends on an ongoing basis. Using the training services of cybersecurity experts is an excellent investment in the health and safety of your business.

Educate, train and phish your employees to upskill their cybersecurity awareness

At Konica Minolta, through our All Covered IT services division, we offer training programs to increase the safe use of email, social media, company software, data management systems and more through personalized, engaging training methods. Our services and their benefits include:

  • Programs that start with baseline testing of your entire user base along with additional testing, including simulated social engineering tests, at least once a month to reinforce training and continue the learning process for your staff
  • Digital training programs that use on-demand, interactive and engaging computer-based training instead of old-style PowerPoint slides
  • Measured results so that you see the tangible benefits of your cybersecurity training program through our digital security management systems
  • Increased productivity and a more confident workforce, because employees will understand how to look for potential threats and adapt their habits to face the ever-evolving cyberthreats, allowing them to do their work with more ease

Cybersecurity and privacy training should cover all the bases

With our Managed Security Awareness Training you can educate, train and actually phish your users so that they can develop more sophisticated cybersecurity skillsets.

These range from spotting phishing emails or irregularities online, to maintaining regulations and federal mandates for compliance in your industry – which the federal government is increasing, so it’s important to stay current to stay compliant – to establishing and enforcing rules to prevent oversharing about your company on social media, and to simply making sure that everyone who is in your organization or department is properly identified and belongs there. Very simply, tell your workforce, “If you see something, say something.” Being careful and staying aware can prevent 93 percent of cyberattacks. To stay safe from attackers, at work and at home, everyone must see themselves in cyber – this month and all through the year.

Find out more about our cybersecurity services here.

Konica Minolta

Konica Minolta aims to partner with clients to Give Shape to Ideas by supporting their digital transformation through its expansive Intelligent Connected Workplace portfolio. Its business technology offerings include IT Services, intelligent information management, video security solutions and managed print services, as well as office technology and industrial and commercial print solutions.