A recent study has revealed that new employees are more likely to engage in risky cybersecurity behaviors compared to their veteran counterparts. One of the primary reasons for this is that new employees are not familiar with the organization’s policies and procedures, according to Michal Gil, head of product management at CybeReady. For instance, a new employee may receive a phishing simulation email instructing them to upgrade or reset their Teams password. Unaware that the organization uses Slack instead of Teams, the new employee may fall for the phishing attempt.
Another contributing factor is that new employees are not well-acquainted with their colleagues. Gil shared an example of a new employee in their company who received a phishing email from someone posing as the CEO, asking her to purchase gift cards. Eager to please and make a good impression, the new employee clicked on the phishing email and was ready to buy the gift cards. New employees often want to prove themselves as loyal, professional, and dedicated, making them more susceptible to phishing attempts.
A separate report found that 50% of the top phishing email subjects globally pretend to come from an organization’s HR department. This highlights the importance of educating new employees about cybersecurity risks and the organization’s policies. It is crucial for companies to prioritize cybersecurity training for new hires to mitigate the risk of falling victim to phishing attacks and other cyber threats. By fostering a culture of cybersecurity awareness, organizations can better protect their sensitive information and digital assets.
Source: Canadian HR Reporter
To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net or you can try your self using check.website.