A recent report showed that 33% of SMBs do not receive cyber security training. This is to be expected because many SMBs lack the resources to properly train their teams. But when you take into consideration the fact that a majority of breaches are due to human error, it becomes apparent that to protect their businesses, SMBs should start with their employees. Your team is often the first and most important line of defense against cyber treats. Here are five signs to look out for if your team needs training.

1. Passwords Are your team member’s desks covered in post-it notes with their passwords? Have you ever enforced a password change? Are some of your team still using the passwords they were given when they first started? If any of these are true, then your team definitely needs to understand the importance of password strength.
2. Lost Files How often does your team lose files or data? Are you frequently having to help your team members find the right data in their computers? Is there an order to your files? Data is valuable and lack of care or concern for this data points to a bigger lack of awareness surrounding data breaches.
3. Mobile Devices or BYOD Policies If your company provides mobile devices or tablets or you have a “Bring Your Own Device” policy, then it is essential that you hold a cyber security training. Mobile devices exist outside of your protected network and therefore, are more at risk to hacks or stolen data. If one of your mobile devices is hacked or data is stolen from an employee phone they use for work, you will still suffer damage, even if your internal infrastructure is protected.
4. A Tendency to Click, Forward and Open Emails Employees are almost always well-intended. They want to do a good job for you and your business. So perhaps when an email comes into their inbox, they don’t even think twice about clicking “Open” because they don’t know if the email is from a potential or current customer. Even if your employees have the best of intentions, they are a threat if they do not understand the latest phishing or email scams.
5. It’s Been Months Since Your Last Training We are five months into 2017 and there have already been an impressive number of hacks and attacks and major changes to regulations. Cyber criminals get smarter every day and regulations evolve almost as quickly as hacks occur. If you haven’t had a cyber security training in a few months, or ever, then it’s probably time to add one to the calendar. There is no harm in refreshing on the concepts and ensuring that your team is up to date on the latest scams and policies.

Remember, your employees are the biggest protection you have against cyber attacks and hacks. Help them to be the toughest security system by holding useful trainings on a regular basis.