The industries most at risk of cyberattacks

When it comes to being a target of a cyberattack, there’s something of a misconception commonly held by organisations. Namely, cyberattacks are something that happens to other organisations.

While the news is often full of stories about large global firms getting targeted and falling victim to attacks, the vast majority of attacks focus on small businesses, charities and public sector organisations.

More distressing still, the volumes and frequency of cyberattacks have been increasing at an alarming rate over the last few years, costing businesses significant money and causing major disruption.

Just this week, over 300 Spar stores had to temporarily close due to cyberattack, with criminals targeting the company that operates the convenience store’s till and IT systems, compromising Spar’s ability to take payment. It’s a stark reminder of why companies need to be vigilant.

Retail, however, is just one industry that is commonly targeted for cyberattacks, with some industries being targeted on a regular basis. These are the industries that are most at risk:

Healthcare organisations

The most significant concern regarding cyberattacks in the healthcare industry is that a successful attack does more than financial or reputational damage, they put people’s lives at risk.

The healthcare system industry has proven particularly susceptible to ransomware attacks, notably the WannaCry attack, which hit more than 60 NHS trusts and ground healthcare to a halt.

Small businesses

Small businesses might not seem a natural target for cybercriminals, especially with significantly greater riches available by targeting bigger firms.

This view, however, fails to take into account how difficult it is to breach a small business, rather than a large one. With little by way of cybersecurity training deployed in many small companies, it can prove a simple task to gain access to their systems.

Research revealed that 43% of cyberattacks were targeting small businesses and phishing attacks to specific targets are very common.

Government agencies

More than a target for cybercriminals, government agencies of all sizes are regularly targeted by nation-states and private hacking organisations due to the confidential and high-value data that is stored on government agency records. It is common for hackers to breach system security to steal highly confidential information.

Local councils alone are subject to an average of 19.5 million cyber-attacks a year, highlighting the threat level that governmental teams of all sizes face from cybercriminals and fraudsters.

Read our Government and Local Authority case study here.

Financial institutions

Banks and other financial institutions are, naturally, an extremely high-value target for cybercriminals. After all, where there’s money, there will always be people willing to steal it.

An incredible one-third of phishing attacks are aimed at financial institutions, costing banks an average of £13m annually in losses and fines.

More than simply financial damage though, breaches of financial sector organisations erode trust between consumers and other institutions.

Read our Financial Services case study here.

Education

A recent study found that UK universities are hit by a successful cyberattack every three hours, and 87% of them have experienced at least one breach.

With many universities funding world-leading research, cybercriminals see high-value targets within universities and other educational sector organisations. Hackers have been able to bring education systems down, affecting high numbers of students around the world.

Energy and utility companies

Another industry that has been frequently targeted is energy and utility suppliers. Hackers have been able to stop the supply of energy and hold the companies to ransom, causing severe disruption to the company and their customers.

According to an analysis from the Department for Digital, Culture, Media and Sport, the utilities sector ranks sixth-highest for mean investment in cybersecurity with an average spend of £5,420 per year. This, despite having arguably the most to lose in a potential attack.

Read our Energy & Utilities case study here.

In 2022, it is expected that cyberattacks will yet again increase, making it more important than ever to ensure that, no matter your sector, you have adequate security and training in place to keep your business protected.

Bob’s Business provides highly effective online training that can help small and large businesses to protect their IT systems by empowering employees to take the right actions to avoid falling for scams or compromising data.

Find out more about Bob’s Business’ cyber awareness training and discover how to improve your cybersecurity.

Your 2022 cybercrime forecast

If you want to make sure that your business has a successful future, it’s essential that you put processes and strategies in place that ensure you hit your targets. With digital solutions now at the heart of virtually every company, it won’t come as a surprise to hear that your online systems must have adequate security to prevent the risk of cyberattacks too.

Since the start of the COVID-19 pandemic, there’s been a significant increase in cyberattacks, largely aimed at the security vulnerabilities presented by people working from home.

More concerning still for SMEs, the weight of attacks have fallen on small businesses that might not have considered themselves to be at risk.

2022 promises more of the same. So, to help your business enjoy a safe and secure 2022, we’ve cast our minds to the future to predict what we think the major challenges organisations will face over the next twelve months. Ready to find out more?

These are the cybercrime threats to look out for in 2022:


Pandemic-related phishing

COVID-19 is, unfortunately, a continued reality going into 2022 and potentially, beyond.

Having already led to a fundamental shift in our working habits, driving many into a work-from-home environment, new variants could yet close offices in the new year, causing further disruption.

Although much of the cybercrime around the pandemic took advantage of reduced security in home office environments, a large portion of attacks looks to capitalise on the fear, uncertainty and doubt generated by the pandemic.

Countless phishing emails sprung up around the pandemic, like fake NHS emails asking people to pay for a vaccination or a test. Indeed, research found a 220% increase in phishing emails around the peak of the pandemic – a figure we might see repeated, should the global health situation enter another perilous phase.

Data breaches

Data breaches, regardless of their source, remain the most costly and disruptive cyber threats to organisations. In 2022, data breaches will remain a significant threat to organisations.

Worryingly, almost a third of all data breaches happen to small businesses, as cybercriminals take advantage of weaker security measures due to smaller cybersecurity budgets caused by a tightening of purse strings. Data breaches can result in large fines as well as cause significant reputational damage to the business brand, so it is important to ensure employees receive cybersecurity awareness training to reduce your risk of breach.

Ransomware attacks

Ransomware attacks, where a target’s data is encrypted and held hostage until money is sent to the attacker, have been a reality for over 30 years now, but their increasing appearance is cause for alarm. Need proof? The first half of 2021 saw a 93% increase in attacks compared to the same period of the previous year!

Ransomware attacks are expected to increase in 2022, which is bad news for businesses. With more and more of us working from home, the gap between the office at work and the office at home is widening and causing issues that organisations are still scrambling to address.

Mobile malware

Another growing concern is mobile malware, targeting company phones and smart devices of people working from home.

Cybercriminals have been utilising machine learning and artificial intelligence to make even more sophisticated malware attacks. With mobile malware, criminals can disable devices and force the owners into paying a ransom to have their mobile re-enabled.

We’ve highlighted just a handful of the cybersecurity threats lurking on the horizon and expected to cause severe problems for businesses in 2022, but they are far from the only concerns going into the New Year.

So, how do you protect your organisation?

With 90% of breaches occurring as a result of human error, by far the most effective way to protect your business from cyberattacks is to ensure that your employees have high-quality cyber awareness training. Bob’s Business provides engaging, cost-effective online training covering essential topics such as cyber awareness.

Find out more about our unique training solutions.

How experiential learning can strengthen your cybersecurity

As the risk of cyberattacks continues to grow for businesses, reaching record levels in 2020, it has never been more important to ensure that your teams stay informed about new cyber threats, as well as emerging technology and other tools that are able to enhance cybersecurity and combat online threats.

Developing employee cyber awareness is one of the most effective ways to protect your company from cyberattacks, as in 90% of successful breaches, it is employees who are targeted first.

At Bob’s Business, we believe in creating training solutions that your team actually want to take, and that means using innovative training theories. Join us as we explain.

How learning theories can be utilised in digital training

It is easy to see why it is important to invest money and time into cyber awareness, but as a business, you also need to see optimal results in return for that investment.

That means finding and investing in the most effective training solutions, designed to boost employee cyber awareness.

As we discussed in our last blog, experiential learning is a theory introduced by David Kolb in the 1970s. In short, it’s the theory of learning by doing.

We apply the experiential learning theory to the narrative-driven technological training solutions, Bob’s Business can boost cyber awareness within your organisation to levels that traditional training methods cannot achieve.

But why do we do it? It’s simple, research suggests that the knowledge retention rate of experiential learning can be as high as 90% – far higher than traditional training seminars, books or videos, for example.

So far, we’ve incorporated narratively-driven animations, gamified learning and quizzes and phishing simulations into our training, but now we’re ready to introduce a new type of experiential training experience: remote escape rooms.

Introducing remote escape rooms from Bob’s Business

Escape rooms have grown to become an established entertainment product, but their use in training has largely been ignored – until now.

Hack the Hacker is the first remote cybersecurity escape room, built to teach groups of up to ten at a time vital cybersecurity habits by having them explore the room together, solving clues and cracking the code at the heart of the mystery.

With workers now often spread out across the country, we’ve built Hack the Hacker to work for every organisation. The escape room connects your team together via Zoom where they guide a single avatar around the room, giving them instructions, so they can easily access it from home.

We’ve always battled against notoriously boring traditional cybersecurity training. Now with Hack the Hacker, our remote escape room, we’re bringing cybersecurity to life in an innovative and enjoyable way, one which bonds teams and builds knowledge.

Curious? Find out more about our virtual escape room and how this approach is a game-changing development for cybersecurity training.

What is experiential learning?

Everyone knows that Investing in employee learning and development delivers countless valuable benefits to businesses, but what many forget is that in order to optimise the outputs from learning and development strategies, businesses need to deploy varied learning experiences.

Learning theories have been researched for centuries, and David A. Kolb’s Experiential Learning Theory is one that has received significant acclaim and has been implemented to great effect in a wide range of learning environments.

But what is it, how can it help your employees working from home and how does it work?

What is experiential learning?

Experiential learning is based around a four-step cycle:

  • Experience
  • Reflect
  • Think
  • Act

At its core, experiential learning is learning by doing.

The learning process starts with the person experiencing something, like doing a task for example. They then have time to reflect on that experience, taking away what they have learned from the experience. After the thinking step, the person then makes a decision to act, by trying out what they have learned.

The beauty of experiential learning is that all of us are already doing it, each and every day. As such, we often don’t realise we are learning this way, as it feels like a natural process that requires no conscious decision to do it.

By taking the concept of experiential learning into the often artificial world of workplace training, we can help embed lessons effectively in both the short and long term memory.

How can home workers enjoy experiential training?

Due to the pandemic and the government’s work from home advice, many businesses are still operating with employees working from home, either part or full time.

Even with many workplaces reverting back to pre-pandemic working arrangements, there is still a large number of companies that are allowing employees to work from home and this is expected to remain the case in the near future.

It’s a shift which has brought a good number of benefits for businesses, being safer from a health point of view and requiring less office space and allowing employees more flexible working hours.

However, one of the drawbacks of having a workforce working from home is that it limits some of the learning opportunities that would be available in the workplace. For example, learning from other members of the team is restricted, as they are not physically working together.

It limits the potential of experiential learning, so how can your home working teams get involved?

Experiential learning through digital solutions

There are lots of digital technology solutions that have been developed around the experiential learning approach, including training activities that we at Bob’s Business utilise, like our phishing simulations and interactive courses.

Playing games that test skills and knowledge is another way that experiential learning is applied in digital training solutions.

At Bob’s Business, we put our focus on innovative digital training that combines cutting-edge technology with effective learning methodologies to ensure employees develop and thrive, to help businesses succeed in today’s challenging markets.

For a sneak peek at where we’re taking our innovative experiential training next, check out our blog on how experiential learning can help strengthen your cybersecurity.

What do hackers use your data for?

You’re probably already aware that hacking is becoming a bigger and bigger problem for organisations of all sizes, despite the sophisticated cybersecurity software that is often pushed forward as a ‘cure’.

2020 was a record-breaking year for hacking attempts against UK firms, owing largely to the fact that with many of us working from home, our personal security levels have slipped.

The fallout from a successful hack can be extensive, including reputational damage, fines and loss of customer trust. But what do hackers get out of the deal?

Here are some of the things that hackers use stolen personal information for:

Identity theft

Criminals often illegally access data so that they can steal someone’s identity for financial gain. For example, they can use personal information to apply for loans and credit cards in the victim’s name. In some cases, identity thieves can purchase goods using financial details.

When hacking organisations, a criminal may steal the identity of a trusted senior team leader to encourage more junior staff to give over crucial data.

Selling onto other criminals

It is quite common for cybercriminals to sell data to other criminals on the dark web. The buyer will then use the data for identity theft and other crimes. Hackers sell certain pieces of personal data, sometimes using a shopping list of prices, where there will be a set price for information such as credit and debit card information.

Account takeover

Hackers can use data to take over accounts such as shopping accounts. They will usually change your password so that you will not be able to log into your account, so you might not notice that they have taken over your account immediately.

In targeted phishing attacks

By using personal information, cybercriminals can make phishing attacks seem more authentic, by using the information in the email and tricking victims into thinking that the email is genuine. In these cases, a breach is often just the start of a longer-term series of attacks.

To cause reputational damage

Another way that hackers can use stolen data is to cause embarrassment and reputational damage to companies. Hackers may try to blackmail people, threatening to leak data that would cause harm to the company.

How do you protect your company from hackers?

If your company stores personal information about customers or employees, then it is important that appropriate security measures are in place as per the data protection regulations. 

Having the most up to date software installed on your company’s computers is one of the most effective ways to protect data, as well as deploying a number of other security solutions such as firewalls and making sure your website incorporates the highest level of security protection.

However, even with the most expensive security systems in place, your company may still be vulnerable to hackers when they target employees through phishing emails and other scams. This is because 90% of breaches start with simple human error.

Therefore, the best method of boosting data security in your organisation is to regularly educate and train employees, so that they know what a scam looks like and what to do if they receive one.

Bob’s Business designs effective online training solutions to empower employees to protect their company by increasing their cyber security awareness, using award-winning techniques like our innovative courses and phishing simulations

To ensure that your company is as well protected as possible, see how our training courses and simulations will boost your online security.

Why your business needs to build a security culture

When it comes to strengthening security within your business, there are plenty of options available.

Be it installing security software as a way of protecting your systems or installing a team or individual to monitor and manage security, there are many important practices you can put in place to help protect your business.

However, these solutions alone are not enough to provide a comprehensive level of security. Why? Because studies have found that 90% of breaches occur due to human error, with employees accidentally leaving their employers vulnerable to cyber attacks.

That’s why, alongside investing in powerful security technology, you should also invest in building a positive security culture, where employees are an integral part of your security strategy.

But what is a security culture, we hear you ask. The simple answer is that when we talk about a culture, we are talking about the attitudes and behaviours of employees.

A positive culture is one where all employees work together and take responsibility for protecting the business by displaying cyber security awareness and taking the right actions.

So, how can you build one within your organisation? Read on.

How to develop a positive security culture

These are some effective ways to start building a security culture in your workplace:

Make security awareness an ongoing priority

Some businesses make the mistake of pushing security awareness at certain points, but leave it off the agenda for the rest of the year. Needless to say, that’s a shortcut to failure.
Security awareness needs to be a constant priority within the business and employees need to know it is important all year round, not just when they complete an annual security awareness course.

Quite simply, secure thoughts and behaviours can only build if regular communications and training are in place, rather than just annual activities.

Outline the desired behaviours

For employees to develop the desired behaviours, they need to have a clear understanding of what the expected behaviours are.

For example, having visual reminders with memorable statements such as “think before you click” helps to embed the importance of thinking before clicking a link in an email, on a website or otherwise.

Lead by example

For any type of culture to be fully adopted, employees need to see the leadership team displaying the expected behaviours. Managers should lead by example in regards to good security practices. This should be evident in meetings, as well as general day-to-day actions and conversations to show employees that leaders are as committed to protecting the company as they are.

Incentivise good security practice

Another way to encourage employees to think about security more and to motivate them to display the required behaviours is to recognise and reward good security behaviour. For example, someone who reports a phishing attack could receive a small reward, which will inspire other employees to replicate the behaviour, so they can be rewarded too.

Developing a security culture does not happen overnight, it requires time and commitment. It involves leaders getting on board, as well as being incorporated into the internal communications strategy. Most importantly, having the right type of cyber awareness training solution is key.

Bob’s Business provides award-winning phishing simulations that can be used all year round to ensure that employees stay up to date on the latest cyber scams. Find out more about the cyber awareness training solutions we offer.

What to do if you click a phishing link

With phishing emails making up 1% of emails sent, an astonishing 3.4 billion hit our inboxes a day. Naturally then, it’s only a matter of time before somebody in your team accidentally clicks a link.

Clicking on a link in a phishing email can leave a business vulnerable to data loss, so it is crucial that you and everyone in your organisation understand the right steps to take in the event of accidentally responding to a phishing email.

Phishing emails can be sent to anyone at an organization and even people like fraud managers or IT security employees can fall victim to a cyberattack. Companies should have a cyber security policy and training awareness program in place that will help employees to take the correct actions.

These are the steps that need to be taken after clicking a phishing link:

1) Report the incident

Your first step should always be to report the incident to your relevant internal team.

By immediately reporting the incident to the relevant team, such as the IT security incident team or service desk, action can be taken to prevent other people in the organisation from doing the same thing.

It’s important to note, however, that employees might be embarrassed that they have been tricked by a scam and be hesitant about reporting the incident. This is why it’s so important that your organisation provides training and awareness that encourages employees to report security incidents without fear that they will be in trouble.

2) Change login passwords

One of the ways that data is compromised through phishing attacks is by tricking people into providing their login credentials, so it is vital that your passwords are changed as soon as possible after a phishing attack.

In many cases, a victim will use the same password for numerous accounts, which can cause a chain reaction of breaches across their accounts. As such, you will need to update all of your passwords as soon as possible.

Passwords should be difficult to guess and training should be provided to ensure that employees know how to set difficult passwords.

3) Investigation of the attack

Once a phishing attack has been reported, the relevant team should conduct a thorough investigation into the circumstances. Endpoint analysis will help to identify if any malicious software has been introduced onto the PC or network.

The investigation should help to decide whether there is a specific security process or system weakness that requires strengthening.

4) Inform the regulators and law authority

Organisations must comply with the rules of their regulatory authorities, such as reporting a phishing incident within a specific amount of time. It may also be necessary to inform the police so that criminal investigations can be completed.

Improve security and raise awareness

Mistakes can be incredibly valuable.

Once the phishing attack investigation has taken place, your organisation should use the information to make their security structure more robust. They can also make arrangements to deliver more comprehensive cyber security training that will help to prevent employees from responding to a phishing email in future.

Bob’s Business offers a range of online training solutions with industry-leading techniques and methodologies to raise cyber security awareness.

Find out more about how we can help protect your business from phishing scams.

Health, safety and wellbeing when working from home

With more of us than ever working from home as a consequence of the COVID-19 pandemic, we’ve all had to make adaptations required to support this new working environment.

As well as ensuring that the right technology is available to our teams, including digital security solutions, employee health, safety and wellbeing should always be among the highest priorities for any organisation.

The difficulty for organisations unaccustomed to teams working from home is that, when working in an office or other type of dedicated workspace, health and safety policies are fairly straightforward to put into place and monitor. The same is the case with supporting employees’ wellbeing, but when they’re working at home? That can be a difficulty.

Nevertheless, employers have responsibilities to protect their employees and employees also have responsibilities to keep themself protected – even when our homes become our offices.

These are some of the key responsibilities that all of us need to keep in mind:

Risk assessments

Under the law, employers have a responsibility to assess any risks in an employee’s working environment. Where this is not possible, for example, during the pandemic, the employer should ask the employee to conduct a self-assessment of their workspace and equipment.

The set-up of display screen equipment is important, as a poor set up for working with a laptop or PC can cause postural problems and permanent injury. There is a checklist that can be used to make sure that everything is set up correctly, such as having a comfortable seat that provides support and making sure the screen is in the right position to prevent stooping over or straining your eyes.

Health and safety

Employees also have a responsibility to take care of their own health and safety when working from home. However, without proper guidance then it’s unfair to expect them to develop safety protocols on their own.

As such, they should do this by keeping in regular contact with their manager and keeping them informed of any concerns such as health and safety risks that they face within their home.

Wellbeing

The changeover to working from home can have a negative impact on employee wellbeing, as they are now spending more time on their own, without having their team close by to get support from. Indeed, 67% of British people said they feel less connected to their colleagues as a result of working from home.

People living on their own might be particularly affected by the lack of interaction with work colleagues, so managers should check in with people to see how they are feeling. A simple, earnest conversation about their mental and physical health can make all the difference.

People working from home may also find it more difficult to switch off from work, as they are now combining their workplace with home space. It becomes more difficult to stop thinking about work, compared to when you work in a separate building and leave it for the day.

All of these factors can have a detrimental effect on people’s wellbeing and must be considered when supporting employees who work from home.

At Bob’s Business, we offer more than just cybersecurity awareness training. Our online training courses also cover all of the essentials in terms of health, safety and wellbeing. These engaging courses are ideal for completing by employees who are working from home and managers of teams who are home based.

View our full course list here, and check out our pricing and product comparisons here.

The psychology of human error

To err is human, but some mistakes can have major consequences for yourself and your organisation.

There are lots of different reasons why a person might make an error in the workplace, such as tiredness, being distracted by other tasks, or in some situations, due to lack of knowledge.

Independent studies have revealed that 88% of data breaches are due to human error. As such, reducing human error is an area of vital importance for every company.

A simple error can end up costing a company a significant amount of money in fines and compensation, as well as potentially irreparable damage to the company reputation.

To better understand the reasons behind the errors, we looked at a report by Professor Jeff Hancock of Stanford University. The study identified that almost half of employees surveyed believed they had made a mistake at work that led to security repercussions.

Here’s what it found:

Younger employees more likely to admit to errors

The report revealed that younger employees were 5x more likely to admit to errors that compromised security.

The report found 50% of 18-30-year-olds admitted to mistakes, while just 10% of over 50s owned up to making mistakes. Professor Hancock’s view on these figures is that younger people are more likely to admit to mistakes, rather than this being representative of which age groups are making the most mistakes.

He referred to the added importance of a positive reporting culture for older generations to reduce the shame of admitting to mistakes, which can be a high risk for companies, as people who admit to errors are more likely to learn from them.

Men click phishing emails with greater regularity

Another very interesting insight was that 25% of employees in the studies had clicked on a phishing scam link, with men more likely (34%) to click a link than women (17%).

The report found that older employees claimed to be the least susceptible to phishing scams but that they actually had less knowledge of what a phishing scam was.

Tech companies are at increased risk of phishing

When looking at which companies were most likely to click on phishing email scams, fast-paced tech companies were the most fallible. While this might surprise some people due to this sector being the most tech-savvy, one plausible reason for this is that tech employees are usually expected to work at a fast pace, answering emails as quickly as possible.

This pace of working, rather than knowledge or age, is more likely to be the key reason for this sector being the worst for falling for scams. Instead of carefully reading through emails and having time to consider the best course of action, employees often felt pressure to quickly deal with enquiries, without giving adequate consideration to potential risks.

Tailored training is vital

Professor Hancock’s strong recommendation based on his findings is to include tailoring training to reduce human risk across organisations.

Our flagship training programme, Bob’s Culture, tailors not only the course rollout for each organisation specifically around the personalities and thought processes of the people in your organisation but also the phishing training delivered.

The key is our unique Human Vulnerability Assessment, an anonymised questionnaire answered by your whole organisation which ensures the training you complete is relevant and necessary to reduce your risk of breaches.

Want to find out more about Bob’s Culture? Click here.

Why every cybersecurity incident should be reported

The fight against cybercrime is a constant challenge, and even businesses that invest a large budget into security software and in-house cybersecurity teams aren’t immune to cyber attacks.

There are lots of different ways that criminals try to penetrate companies’ systems, although by far the most common is through your teams.

Fully 90% of breaches start with human error, so making sure that employees know what to do when they receive a phishing email, or another type of attack is vital in preventing future attacks.

When a cybersecurity incident occurs, this is why it is essential that employees report the incident:

  • You can react appropriately. The first and most important aspect of reporting is that it gives your internal security team notice that they need to spring into action to prevent data loss or system compromise.
  • You can build training around the incident. You can use the incident as an example in training content to make it more relevant to your company compared to a generic example that some training providers use. Do ensure that the example is anonymised though, as highlighting a mistake makes people more likely to hide incidents in the future.
  • You can collect data about incidents to look for patterns. Sometimes minor incidents can point towards a bigger issue that needs addressing, so employees should be encouraged to report every single incident, not just the major ones.
  • You can communicate the incident to other employees. With the incident communicated, you can share it with your teams so they are aware of the type of scam and do not fall for it.

Importance of reporting incidents

In some instances, people might be afraid to report incidents, as they might feel embarrassed if they did something wrong like click on a link in an email. This is why it is important to communicate to the workforce how important incident reporting is and that the process exists to protect the business, not to identify employee errors.

Making reporting a non-punitive exercise and, in fact, rewarding employees which do report incidents is a vital part of building a positive cybersecurity culture.

How to report incidents

Every business should have its own process for reporting incidents, such as to a fraud team, or to IT security, for example.

The process should be clear for employees, if you have a company intranet site, you should publish your IT security policy and incident reporting process onto it for people to easily find.

Types of incidents that need to be reported

It is also a good idea to list all of the types of incidents that need to be reported. Some of the possible incidents include:

  • Phishing emails.
  • An attack on a website.
  • Improper usage by an employee (including accessing dangerous sites).
  • Scareware to buy fake antivirus software.
  • Ad-based malware.

These are just a few examples but there are many more techniques and methods that hackers use and errors or unusual behaviour of internal employees should be reported too.

To ensure that your employees understand what to look out for and what course of action to take, our Incident Reporting course is the perfect solution. Book a demo today to discover how you can get access to our Incident Reporting course for your team and full access to our 55+ strong catalogue of cybersecurity and compliance courses.