Our recent launch of the Baseline Employee Cybersecurity Assessment provides MSPs with a new tool to add to their prospecting and baseline risk detection efforts. As an MSP, it gives you the opportunity to show prospects and clients that human security plays a key role in protecting their organization and that without proper ongoing training, employees are an easy entry point for cybercriminals.
While a security risk assessment will identify gaps in a business environment, the human element should never be overlooked or assumed to be foolproof. Ongoing training is critical, but this assessment provides a deeper dive into which part of that human factor needs to be strengthened. The Baseline Employee Cybersecurity Assessment is delivered via a URL and is made up of a series of questions across six different cybersecurity categories, showing organizations where employees are struggling the most and maybe the most likely to fall victim to a malicious attempt made by cybercriminals.
Last week’s blog took a closer look at the first section of the assessment, known as the General Cybersecurity Knowledge component.
This week we’re focusing on the Phishing component of the assessment.
In this section of the Baseline Employee Cybersecurity Assessment, the questions address one of the most widespread tactics used by cybercriminals, phishing. In our hurried world, email provides a method of responding quickly, and at all hours, in a way that is quick and often the most efficient manner of tackling tasks on our to-do lists.
And humans, well, we are only human, and we make mistakes. With the tendency to react quickly and confidently comes the higher likelihood of errors being made and information being overlooked. Cybercriminals know this, and they prey upon our trust and tendencies to work in autopilot mode as we crunch through the day. Especially when our guard is down as we work from home in jobs that we know ‘like the back of our hand’ and respond to personal emails from that same work from home mindset that is our trusted and relaxed environment.
Additionally, social media provides hackers with a whole new database of information to make spear-phishing attacks even more effective. Social engineering, fraudulent websites, malicious links, and email addresses that look legitimate but aren’t… there are multiple ways of attacking unsuspecting victims that are contained all within a single message and method of attack!
The questions found in this section of the Baseline Employee Cybersecurity Assessment will address these tactics as well as the ways that the employee might respond when faced with a potential phishing email. You’ll be able to identify which employees may be unfamiliar with phishing altogether, which are aware but may need more in-depth training in this area, and which are well-prepared for a phishing attempt to hit their inbox. With this information, you’ll be able to provide a clearer, more focused approach for your prospect or client on how your cybersecurity program will help strengthen their phishing defenses, as well as their overall cybersecurity posture, which will be gauged through the other five sections of the assessment.
How To Use the Results
After each employee completes their assessment, the results are recorded along with the overall time taken to complete the assessment. Client management is then given a report that provides the average score across all employees who completed the assessment, as well as their individual scores. The report then breaks down each of the six categories to show management where their employees are struggling the most. This new tool changes the way MSPs can show their prospects and clients their human security risks at baseline, helping to highlight the critical need for an ongoing security awareness training program to reduce those risks. This report is a great tool for showing prospect and client stakeholders where there are human security risks within the organization and helps start the conversation around how your ongoing security awareness training program can help remediate those risks.
We’re excited to add the Baseline Employee Cybersecurity Assessment to our platform as another way for MSPs to expand and grow their businesses. This tool is now available for Breach Secure Now partners! If you’re a current partner and have questions on how to access this tool, or if you’re interested in learning more about how you can get your hands on this game-changer, you can contact us today! And it is INCLUDED with a Breach Secure Now partner subscription.