In the last blog, we answered the question, why should churches care about email phishing? In it, we wrote that since the beginning of COVID, phishing attacks have gone up an estimated 600%, leaving no industry immune to the devastating impact a successful phishing email can have.
In this blog, we want to talk about responsibility and one of the solutions to that problem.
First, all churches and organizations have to take responsibility for their cybersecurity. Here are three statistics that continue to speak directly to the problem we’re facing, as well as the situation ahead of us.
In 2019, 88% of organizations reported spear-phishing attempts. 3.5 million dollars was the estimated cost for a single human error in 2019. For an organization with 1-250 employees, roughly one in every 300 emails will be malicious. To give you context, the average employee receives more than 100 emails per day. Furthermore, most data breaches that occur result from an untrained human who allowed the breach to happen.
Churches must consider implementing a more robust cybersecurity strategy, which involves firewalls, hardening of IT infrastructure, email mitigation tools, and the like. However, a primary area of investment should be in training your staff.
Staff members are the front-line firewall for the majority of malicious attacks. Training them to know what to look for, what to be on guard for, and how to protect your congregation from cyber threats is non-negotiable.
The next question is, how? Where do you even start? At Tactical Phish, we have created, and specialize in, a way of training humans: sending nuanced phishing emails, just like the ones they receive, and providing training at the point of infraction.
By implementing a training solution like ours, you’re more than likely guaranteed to protect your church, finances, and member information. We all have to appreciate that there are some bad actors who are trying to ruin your mission.