Cyber security awareness is one of the most important lines of protection. Action is often taken to protect hardware and software against cyber threats, but many forget about how valuable it is to adequately train employees who have access to a computer and the internet.

Educating staff can be enough to prevent human errors, which provides defence against common types of attacks such as phishing and whaling. Phishing involves sending deceptive e-mails where an attacker poses as a reputable company or familiar person, and asks targets to click on links, or provide sensitive information. Whaling is similar to phishing, but targets are of a higher ranking, such as an executive.

In 2016, an Austrian plane manufacturing company, experienced a £31 million loss as a result of the chief executive falling for a whaling attack. The risks of these common attacks can be minimised drastically by just educating employees to identify patterns in phishing attacks, and the appropriate action to take to deal with them.

Some types of organisations are required by law to ensure their employees are trained in cyber security (e.g. financial and healthcare).

However, an overall acceptance of cyber security across all industries will not only improve the safety of customer data, the success rate of a security breach will be significantly reduced.

It is important to remember that cyber security awareness training is more than just one course for employees, it should be part of organisation management strategies, to address human weaknesses and provide immediate protection.

A good Cyber Security awareness course will feel much more like an interactive workshop where staff can raise questions, learn about how different types of attacks can occur, how they are susceptible and, finally, how to mitigate against them.