M.A. Polce Consulting

Author: Bea Ewing
Date: December 13, 2021
The First Line of Defense in Preventing Data Breaches: Training

Organizations spend thousands of dollars on technical security controls such as firewalls, antivirus software, and DNS filtering fixtures. However, all it takes is one wrong click by an employee for these defenses to unravel.

Despite all the warnings, many businesses still neglect security awareness training as a key component of their cybersecurity program. As a result, humans remain the leading cause of all security events. In fact, according to the IBM Cyber Security Intelligence Index Report, human error is a contributing factor in 95% of all data breaches.

The cost of a security awareness training program is low compared to the cost of a data breach, which can cost organizations thousands to millions of dollars.

Security awareness training is important because it teaches employees how to recognize and respond to malicious attempts. Cybercriminals target people in a variety of creative ways, and without proper education, employees are prone to fall victim to these attacks.

Phishing is the practice of posing as a legitimate organization or sender in an attempt to trick people into revealing sensitive information. Social engineering has become so advanced that attacks are often difficult to recognize. This explains why phishing is the most common cause of data breaches. Phishing comes in forms such as targeted emails, social media messages, and SMS messages. It has a high success rate because it is designed around psychological manipulation. Attackers create a sense of urgency that is often paired with either a threat or a reward.

Urgency and threat: “Action required. Login to your account now or you will be locked out.”

Urgency and reward: “You won $100! Click the link to claim your prize. The link will become inactive in 24 hours so act now.”

An employee with the proper training is equipped with the knowledge and best practices to avoid phishing attacks like these.

In addition to phishing, other common threat areas include removable media, passwords and authentication, public Wi-Fi, and social media use. Each of these entails different best practices for recognition and response. To minimize the success rate of these attacks, employees need continuous and thorough security awareness training.

Security awareness training is a cybersecurity protection that should not be overlooked. Its role in reducing the risk of losing confidential data like personally identifiable information (PII), money, and brand reputation cannot be overstated. It fosters a culture of security, makes technological defenses more robust, assists with compliance, and increases employee and customer confidence in your organization. Keeping employees “cyber-aware” turns them from points of weakness into pillars of defense.
