SLOCOE has begun a Cybersecurity awareness training program for all new and existing employees.
The purpose of the program is to raise the awareness of all SLOCOE employees regarding cybersecurity threats. The initial focus will be on identifying “phishing” emails.
SLOCOE utilizes Knowbe4.com software for this program.
The program began by sending out “fake” phishing emails to all employees – cleverly these emails are all different and sent at random times so employees can’t “compare notes” with coworkers. The result of this initial attempt to lure employees to click on links is converted to a percentage enables us to determine a “vulnerability benchmark” of county office staff. In our case about a third of employees clicked on links. (these were harmless links in this case)
We are now in the “training” stage where every employee will watch, and answer questions, during a 45-minute cybersecurity video. When this phase is complete additional “fake” phishing emails will be sent to employees. If training is effective the percentage of “clickers” will be reduced.
We will then target the “clickers” with additional training until all staff are able to consistently identify email phishing. The goal is to get the percentage of clickers down to zero. 🙂
This raised awareness will be of value to staff in the completion of their professional duties as well as defending against phishing attempts in their personal email accounts.
Periodically some additional training will be required to keep employees updated on current cybersecurity threats.