Security Awareness
Between 50 % and 90 % of all data thefts and malware incidents are due to misbehaviour on the part of employees. They use passwords that are too simple, fail to recognise phishing attacks or carelessly download (automatic) malware – incidents that can largely be prevented.
Cyber pirates operate in a sophisticated manner. Employees should do the same.
A leak in the hull can be devastating for a ship, and data leaks can be just as threatening for companies. One of the biggest weak points is careless and ignorant users. They fall for phishing emails, use contaminated USB sticks, disclose sensitive company information online and over the phone or share their access data straight away.
The vast majority of all data leaks and thefts – studies speak of up to 90 % – only occur because people can be successfully manipulated. Attackers are extremely successful in using fake emails and websites (phishing) to steal data or distribute malware.
Sensitive data requires equally sensitive handling.
Various technical tools are available to make a company less susceptible to such attacks. These range from modern endpoint detection and response systems to intelligent email filters and web isolation. These and other measures can certainly increase the level of security in the company, but usually do not offer sufficient protection against the variety of social engineering attacks. This is precisely why it is worth investing in educating and sensitising users. This should be needs-based and tailored to the individual target groups. It is also important to ensure the continuity of core messages, variety of content and the right media mix.
Management Awareness
Management awareness is a key issue for several reasons. A basic awareness of security issues is usually a prerequisite for obtaining the means to implement the corresponding measures. In addition, managers act as role models and are highly attractive targets for social engineering attacks due to their access rights, decision-making powers and increased travelling. For these reasons, sensitising management through targeted security awareness campaigns is also essential. This also applies to administrators and users with privileged access rights.
Phishing Tests
Phishing tests are a simple and effective method of checking employees’ susceptibility to phishing. If the tests are repeated after some time, progress can also be measured. However, companies should not stop at the tests, but integrate them into an overarching awareness programme with corresponding training elements.
Creating awareness. From the bridge to the engine room.
Protection against cyberattacks is not just a matter for IT; resilience and defences must be in place for all stakeholders across all hierarchical levels.
Raising employees’ awareness and understanding of the risk of attacks leads to more responsible, attentive behaviour and prevents not only serious material damage but also immaterial damage such as loss of reputation.
One thing is clear: if you make your employees click through a web-based training course once a year, you won’t achieve any of this. Reaching this goal requires continuous and varied engagement, driven from the top down, with the most important behavioural principles. However, this does not have to be expensive.
May we personally provide you with arguments in favour of ensec? Please contact us.