In the last year, we have seen a huge increase in phishing attacks. In particular, there was a large amount of pandemic related phishing emails.

Phishing attacks are still the most common cause of cyber-security breaches, research suggests that 91% of successful cyber-attacks are the result of a phishing scam.

Training your end-users to recognise and report potentially harmful emails can dramatically reduce your risk.

Removable media is the portable storage medium that allows users to copy data to the device and then remove it from the device to another and vice versa.

As well as understanding the risks your employees need to know how to use these devices safely and responsibly in your business.

Most organisations collect, store and process a great deal of sensitive information. If any of this data is publicly exposed, accessible to a competitor or cybercriminal, then you may face significant regulatory penalties, damage to consumer relationships and a loss of competitive advantage.

A very simple but often overlooked element that can help your company's security is password security. Using simple passwords or having recognisable password patterns for employees can make it simple for cyber-criminals.

Some employees may have already been exposed to data-breaches, by using simple or repeat emails for multiple accounts. One study found that nearly 60% of all end users use the same password for every account. This means that if one account is compromised, a hacker can work on multiple accounts to gain access to all the user's information.

Educating employees on safe internet habits should be a key part of any IT induction

The changing landscape of IT technologies has improved the ability for flexible working environments, and along with it more sophisticated security attacks. With many people now having the option to work on-the-go using mobile devices, this increased connectivity has come with the risk of security breaches.

User-device accountability is an increasingly relevant aspect of training in now, especially for travelling or remote workers. The advent of malicious mobile apps has increased the risk of mobile phones containing malware which could potentially lead to a security breach.

Malware can infect a computer if the software has a vulnerability in the code. Staff should be trained to expect patches to be required. Once staff understands why it’s important, they are more likely to do it. They may need to reboot a device to complete the update even if they are not directly involved in patching.

Malware is used to steal sensitive data (user credentials, financial information etc) or cause damage to an organization’s systems (e.g., ransomware and wiper malware). It can be delivered a number of different ways, including phishing emails, downloads and malicious removable media.

The need for remote working led to many companies making a rapid move towards full time working from home policies.

Whilst remote working can be positive for companies, promote increased productivity and greater work-life balance it does pose an increased threat to security breaches. Employees need to be educated on the risks of remote working.

Some employees who need to work remotely, travel and working on the move may need extra. Fake public Wi-Fi networks can leave end-users vulnerable to entering information into non-secure public servers.

Educating your users on the safe use of public Wi-Fi and the common signs to spot a potential scam will minimise risk.

Many companies allow their employees to use their personal devices, which is a great cost-saving method and allows flexible working, however there are risks associated with this.

Malware downloaded applications on personal devices can risk the integrity of the company's network.

Keeping sensitive physical documents secured is vital to the integrity of your company's security system.

Simple awareness of the risks of leaving documents, unattended computers and passwords around the office space or home can reduce the security risk.

We all share large parts of our lives on social media but oversharing can lead to sensitive information being available, making it easy for a malicious actor to pose as a trusted source.

Educating employees will reduce the risk of the potential leverage that hackers can gain from this.

Social engineering is a common technique used to gain the trust of employees. Employees need to be educated about the most common social engineering techniques and the psychology behind it.

Cloud computing has revolutionised businesses, the way data is stored and accessed. cloud-storage can be a much safer and cost-effective way of storing your company's data.

Researchers predict that by next year, 99% of all cloud security incidents will be the fault of the end-user.