Propel provides innovative insurance solutions to thousands of companies across the country. We make it our business to know your world inside and out.
In 2017, the Payroll Account Manager of Scotty’s Brewhouse in Indianapolis received an email from someone claiming to be the company’s CEO. The email requested the employee send a copy of 4,000 employee PDF formatted W-2 forms. The employee replied to the email with a copy of all 4,000 employee W-2 forms; therefore, leaking all 4,000 employee W-2 forms; therefore, leaking all 4,000 employee’s personal information. The Scotty’s Brewhouse employee was under the assumption that the email was truly from the company’s CEO and then discovered that they fell victim to an email phishing scam. Although Scotty’s Brewhouse did not disclose the total cost of repairing the damage, according to the 2017 Enterprise Phishing resiliency and Defense report, “the average cost of a phishing attack for mid-size companies is 1.6 million dollars.”
Today, companies all over the world are being affected by data breaches because of human error. Unfortunately, events similar to what happened to Scotty’s Brewhouse is happening more often than ever before. According to Ponemon Research Institute, “Mistakes by employees account for one-quarter of data breaches.” It is crucial for companies to invest time and money into training their employees about the importance of cybersecurity and how to avoid becoming the next victim of a cyber scam.
Not surprisingly, 91% of cyber-attacks start with a phishing email. With lack of training, hackers are taking advantage of innocent employees. All levels of management and employees need to be trained on how to avoid attacks caused by human error. Travelers Insurance created an extensive list that highlights cyber-security topics that companies should train their employees.
- Responsibility for company data
- Document Management and Notification Procedures
- Unauthorized Software
- Internet Use
- Social Engineering and Phishing
- Social Media Policy
- Mobile devices
By training employees on cyber security, you and your employees will be able to avoid being scammed and improve your company’s cyber security culture.
Cyber security training not only benefits your company and employee’s safety but the reputation of your company. If your company is impacted by a malicious attack, your reputation may diminish because current and potential clients may assume that their information is not well protected from potential threats. If you have any questions about cyber coverage or to ensure you’re covered, Propel’s experts can help.
Makayla is the Marketing and Branding Coordinator at Propel. She is a recent graduate from University of Washington in Tacoma with degree in Business Marketing.