Copyright © Sullivan Wright All Rights Reserved
Invest in Employee Security Awareness Training
In this Talk Business & Politics column, Sullivan Wright Technologies co-founder and partner, Chris Wright, examines how phishing and cyber scams have evolved and why people—not technology—remain the weakest link in cybersecurity.
While scams once relied on obvious incentives like cash prizes or free vacations, cybercriminals now use far more sophisticated tactics. These include realistic brand impersonations, fake order-tracking emails, and fully-replicated websites. As a result, scams are increasingly successful, with the FBI reporting at least $16 billion in cybercrime losses in 2024.
Further, cyberattacks are not limited to large corporations. Chris highlights a recent breach of a national food distribution company that forced a network shutdown and disrupted deliveries nationwide. According to Business Insider, the attack caused widespread shortages at grocery stores ranging from Whole Foods to small family-owned markets. The incident underscores how deeply cyberattacks can impact daily life and business operations.
The article explains why these attacks continue to succeed:
- Attackers target people, the most vulnerable entry point in any system
- Cybercriminals are becoming faster, smarter, and more convincing
- In 2024, up to 40% of U.S. employees interacted with fake emails
- Nearly 20% clicked on malicious links, often unknowingly spreading threats
Chris also notes that while many organizations offer basic cybersecurity training during onboarding, they often forget it amid the flood of new-employee responsibilities. Longtime employees, meanwhile, may not receive refresher training and may be focused on daily tasks, making human error more likely.
Rather than relying solely on software and technical controls, organizations will benefit most from regular, real-world security awareness training. Technology alone cannot keep pace with constantly adapting attackers, and expert-led education can build user confidence, enhance accountability, and promote consistent adherence to cybersecurity practices.
Security awareness training is no longer optional. Sullivan Wright Technologies believes it is a foundational element of cyber resilience and can mean the difference between uninterrupted operations and a complete business shutdown. By educating and empowering employees, organizations can protect their most valuable—and vulnerable—assets.
