Human error is one of the largest contributors of unauthorised access to your business confidential information.
One of the most common methods hackers use to gain access to your systems is through phishing. Phishing is when an attacker tricks your staff into submitting passwords or paying invoices through social engineering such as calling and pretending to be from the IT team or sending an invoice from a new or existing vendor with changed payment details.
It is also possible for attacks to introduce malware directly via phishing emails that can be clicked and executed accidentally by your employees.
But there’s good news! Organisations that regularly train staff on best practice cyber security are less likely to have their information leaked through malware or phishing.
Gridware Cybersecurity conducts information security training and workshops at your business. We provide in-house training seminars for your staff to educate on phishing prevention, social engineering and best practice cyber procedures.
We summarise the most common methods of attacks, provide sample phishing emails, give examples on types of cyber attacks your business might face and provide tools and techniques that aim to prevent those attacks.
Our trainers are certified in ethical hacking and cyber security with years of experience in the industry.
Let’s make information security training a priority in your company!
Over 87% of Australian business have been affected by Cyber Crime
Australia is a large target for phishing attacks and data theft
Over 70% would readily open an unknown attachment
Most staff are not regularly trained on company policies and procedures
Whilst your employees won’t require industry certification, it does help to ensure your company has an acceptable use policy and an information security program which details what procedures are in place and what action is acceptable in any given circumstance when it comes to securing your information.
The best training to provide employees is an overview of the biggest risks your company faces, where your company sits on the cyber maturity scale so they understand their role in the security process. And finally, detailed overview of your company information security program, and how it might relate to real-world scenarios such as phishing emails, unknown USB devices and malware.
Social Engineering is a large part of the attacker focus in this current climate, so it pays to ensure your team are aware of the risks and how to mitigate them.
To speak with our expert trainers, feel free to get in touch.
Senior Management, IT teams, and all corporate employees are the primary focus of our cyber security training. We believe in a top down approach to effective cyber risk mitigation, with good practices demonstrated by management and passed down to employees.
Training should be required by all employees, with different departments focusing on threats relevant to their area, for example: finance employees need to be extra vigilant of phishing threats and CEO email scams when processing invoices. Another example is Office Managers and Receptionists should be aware of the risks posed by unknown USB devices, and not to plug in unknown USB devices on company networks.
Senior Management should undertake more in depth training of the various regulatory requirements they must comply with and how their company culture may influence various cyber risks posed in their industry.
Ensuring employees and senior management are trained in cyber security best practices will ensure your company minimises the cyber risks it faces. The benefit for the employee is they will understand the importance of keeping business critical information secure, and senior management will understand their regulatory requirements how to develop effective processes and procedures to improve productivity.
We offer training in multiple tiers. Firstly, we offer workshops and seminars at your place of business to improve staff knowledge on cyber risks that are relevant to your business and best practice solutions to help your staff mitigate those risks.
Secondly, we offer online courses aimed give staff the same knowledge with the convenience of online training. This training is an online presentation followed by a short multiple choice question assessment. All analytics and results will be provided back to you with insight into areas for improvement in your business.
Thirdly, we can tailor cyber security training questions directly to your business to use in your internal training platform.
Our rates are some of the most competitive in the industry. Contact Us today to arrange the best price for your business.
At this stage do not provide accredited certification. We can certainly put you in touch with those who can offer such services.
All of us in the Gridware team are actively involved in the training component of our services as we believe training is the key to effective governance. You can contact any of team here if you require any support of have queries regarding the type of cyber security training services we offer.
Phishing (pronounced “fishing”) is an attempt at online identity theft. Attackers will use utilise phishing through email and fraudulent websites that are designed to trick your employees to steal customer data or confidential information such as credit card numbers, passwords, account data, or other information.
Con artists might send millions of fraudulent email messages with links to fraudulent websites that appear to come from websites you trust, like your bank or credit card company, and request that you provide personal information.
Attackers will also send invoice payment reminders designed to look legitimate, from vendors you might be associated with, but with altered bank account details with the aim of tricking employees into paying those invoices.
CEO Email scams are also a common phishing attempt with over $2.5 billion lost globally to this scam. Attackers will send emails with the CEO letter head to finance employees with instructions to ‘pay the invoice immediately’.
You need to ensure you have adequate training and multiple lines of defence to prevent phishing attacks.
If your employees think they’ve received a phishing scam, they should first not open any attachments or click any links in the email, notify the internal IT team who can confirm if it is a phishing email from an unrecognised or blacklisted domain. IT should then arrange to delete the email message and block the domain from which it came to prevent future emails being received. It is very important to not click any links in the message.
Scams can be reported to the Australian Competition and Consumer Commission (ACCC) service called Scam Watch at https://www.scamwatch.gov.au
Not necessarily. Companies that are hosted on Office 365 exchange servers or Google’s Gmail service will likely have some measures to prevent phishing scams. However, most attackers will create new domains not on the blacklists and target your company bypassing standard filters.
It’s best to have an expert come in and review your existing protections and advice on more intelligent tools your IT team could implement that will detect phishing emails in the first instance and block them automatically.
"Knowing our cyber risks in software we develop, as it is being developed, means my team can get on the front foot of security and protect the clients that utilise our software from data loss. The Gridware team are the best we've worked with."
"With Gridware, we gained a valuable security partner to review our IT programs across various large projects across Australia, without having to build our security expertise from scratch. They're flexible, thorough and quick with solutions."
"Gridware is an intelligent company with top talent. We've developed an new and improve information security program with the end result being more accurate security decisions and improved processes."
With offices in Sydney and Melbourne, Gridware is all about providing leading cyber security advice for Australian businesses, helping them transform their cyber security strategy and secure their information. We services large corporations, small businesses, law firms, NGO’s, charities and startup’s.
And best of all, we’re right in the middle of some of the best innovators in the region. Apart from accommodating the best coffee and café scene in the world, Sydney CBD is Australia’s leading international financial services and technology hub that is home to over $2.5 trillion in managed funds. In addition, Sydney has a world renowned startup and technology community that have incubated locally and expanded globally, making it an ideal home for secure thinking.