Updating your browser will give you an optimal website experience. Learn more about our supported browsers.
Cyber Savvy Staff Create Solid Data Defense
Phishing is easy — and that made it No. 1 among cyberattacks that resulted in data breaches in 2024, according to the Identity Theft Resource Center. But, to borrow an old saying, phishing ain’t catching.
By Kelly Lindner
At least that’s the idea. A cyber savvy staff can be a solid defense against cyberattacks.
The best way to make your employees less likely to take the bait are the 3 T’s: training, testing and trusted contact check, according to Alan Wickham, TCDRS’ Information Security Analyst.
-
Training: To guard against cyberattacks, Alan recommends sending “micro assignments” to your employees every 30 to 45 days. “Good ones take 1 to 2 minutes to complete, cover one topic and allow the team member to learn an important bit of information and take it back immediately to their work,” Alan says. There are many companies that can design these trainings for you, or you can create your own, Alan adds.
-
Testing: Sending your employees phishing simulations, or fake phishing emails, can show you who gets hooked and who reports it. Testing is how you know who needs a refresher, Alan says.
Automatic enrollment in follow-up training is also key: “Many security awareness training platforms have an automatic enrollment feature that can be enabled on phishing test campaigns, or if a user’s score falls below a certain percentage on a training assignment,” Alan says.
Who reports the phish is important, too: “Encourage your employees to report suspicious emails, even if it turns out to be spam or a low-risk [email]. Executive leadership should be your strongest advocates for reporting everything suspicious.”
-
Trusted contact check: If one of your employees receives a suspicious email, even if it’s supposedly from a team member or other trusted contact, encourage them to call that contact and confirm they sent it. Advise them not to respond directly to the email.
With training, testing and trusted contact checks your employees can help keep your organization’s data safe.
Leah Golden contributed to this article.
Related Content
Get more information on why TCDRS is a model plan when it comes to retirement.

Rehiring Employees and Retirees
In order to avoid jeopardizing your plan’s qualified, tax-deferred status, carefully evaluate your human resource policies concerning...
Read more
09.14.2021
5 Ways Employers Can Protect Member Accounts
Numbers are a part of our lives. Social Security numbers, account numbers, phone numbers, birth dates and bank balances are tempting ...
Read more
12.29.2021
Web Registrations Start Conversations for Brazos County
For the Brazos County Human Resources department, getting county employees registered online was just the beginning of a larger conve...
Read more