Skip to the main content.

2 min read

How to Train Your Staff About Internet Security

We often see stories in the news about companies around the world falling victim to hackers, viruses, ransomware and malware.

training about internet security

But what we see in the news is just the tip of the iceberg – the high-profile cases. In fact it’s estimated that cyber crime costs companies around the globe around $400 billion every year in terms of the amount of damage sustained directly by the attack, and then mopping up afterwards.

While hackers are using many sophisticated methods to try to gain access to organizations’ IT systems, the fact is around 59 per cent of attacks take place because an employee has clicked on a link or opened an attachment they shouldn’t have.

In many cases, this may have been preventable if staff had appropriate training around cyber security. Hackers are able to take advantage of employees’ lack of awareness around security and they fall victim to things like phishing attempts or click on websites or open attachments that they shouldn’t.


Educating your staff on their responsibilities around security is often only done as part of an induction process when they begin working with the company – if even that – and is treated as a “set and forget” factor of their employment. Other times security protocols might be communicated by being placed on the company's intranet site and not easy to find.

The information might seem technical and boring and might not be easy for employees to consume.

All of these are challenges for the modern day workplace – the reality is you need to keep having the conversation around cyber security with your employees as it’s an ongoing and ever-evolving issue.

Organizing effective training

It’s much easier to train your staff so you can avoid a data breach than it is to repair the damage when it’s too late. Some of the ways you can effectively educate your staff include:

  • Having a regular discussion with employees about cyber security, spelling out their obligations and clearly explaining the impact to the organization if they help facilitate a data breach.
  • Have clear policies that are easy to understand and easy to locate
  • Find creative ways to communicate hints and tips to staff, such as using DeskAlerts pop ups or corporate screen savers to reinforce your messaging.
  • Remind them that while you have robust IT systems in place, the business’ system is only as strong as its weakest link.
  • Have different information sessions to teach staff around different kinds of IT attacks. Keep in mind that you have new staff starting all the time, so this should be ongoing.
  • Assume that you will be attacked and have policies in place staff can easily access in the event of an attack with step-by-step instructions on what to do.
  • When there is a security threat, communicate with staff as quickly as you can - it's a good idea to have an internal communications plan in place for this eventuality.
  • Regularly test your staff on their cyber security knowledge – consider quizzes and trivia to make it fun.
20 Best Safety Tips for Work in 2024

7 min read

20 Best Safety Tips for Work in 2024

Workplace health and safety is important for every organization, no matter how big or small. Employers have legal and moral obligations to keep their...

Read More
Safety Moment Ideas

13 min read

Safety Moment Ideas

Creating a safe workplace for your employees is essential. Not only are there legal and moral obligations to do so, but when you have a safe...

Read More
Advantages And Disadvantages Of Email Communication In The Workplace

9 min read

Advantages And Disadvantages Of Email Communication In The Workplace

Email is still among the most widely used communication tools in the workplace today. However, while email is still the go-to medium for a lot of...

Read More