Updating your browser will give you an optimal website experience. Learn more about our supported browsers.
Cyber Savvy Staff Create Solid Data Defense
Phishing is easy — and that made it No. 1 among cyberattacks that resulted in data breaches in 2024, according to the Identity Theft Resource Center. But, to borrow an old saying, phishing ain’t catching.
By Kelly Lindner
At least that’s the idea. A cyber savvy staff can be a solid defense against cyberattacks.
The best way to make your employees less likely to take the bait are the 3 T’s: training, testing and trusted contact check, according to Alan Wickham, TCDRS’ Information Security Analyst.
-
Training: To guard against cyberattacks, Alan recommends sending “micro assignments” to your employees every 30 to 45 days. “Good ones take 1 to 2 minutes to complete, cover one topic and allow the team member to learn an important bit of information and take it back immediately to their work,” Alan says. There are many companies that can design these trainings for you, or you can create your own, Alan adds.
-
Testing: Sending your employees phishing simulations, or fake phishing emails, can show you who gets hooked and who reports it. Testing is how you know who needs a refresher, Alan says.
Automatic enrollment in follow-up training is also key: “Many security awareness training platforms have an automatic enrollment feature that can be enabled on phishing test campaigns, or if a user’s score falls below a certain percentage on a training assignment,” Alan says.
Who reports the phish is important, too: “Encourage your employees to report suspicious emails, even if it turns out to be spam or a low-risk [email]. Executive leadership should be your strongest advocates for reporting everything suspicious.”
-
Trusted contact check: If one of your employees receives a suspicious email, even if it’s supposedly from a team member or other trusted contact, encourage them to call that contact and confirm they sent it. Advise them not to respond directly to the email.
With training, testing and trusted contact checks your employees can help keep your organization’s data safe.
Leah Golden contributed to this article.
Related Content
Get more information on why TCDRS is a model plan when it comes to retirement.

TCDRS at Other Conferences
TCDRS Employer and Member Services Representatives are available as presenters and exhibitors at other conferences across Texas. Cont...
Read more
09.19.2023
Employees Haven’t Registered Online? Have Them Call Us!
If your employees need to make an account change or submit an application, but cannot or do not want to register online, have them ca...
Read more
12.11.2024
TCDRS Annual Conference
Registration is now open for the 2025 TCDRS Annual Conference! Join us at the Renaissance Austin Hotel on July 17-18, 2025.
Read more