Why Testing Employee Behaviour Improves Security
November 8, 2019

Employees play a vital role in an organization’s overall security. According to Statistics Canada, the majority of large (91%), medium-sized (83%) and small (72%) businesses in Canada reported having employees primarily responsible for the overall cybersecurity of their business in 2017. To strengthen user security, organizations should supplement employee awareness training with cybersecurity testing. Testing is a great way for organizations to establish a baseline of user behaviour to determine how users respond to potential threats. Without evaluating employees, organizations won’t be able to make impactful changes on how to improve.  Testing also helps organizations determine the effectiveness of their training.

Source: Statistics Canada

How to Test User Behaviour

Organizations can test employees through various means such as online quizzes on common cyber threats or through simulated phishing. Simulated phishing exposes employees to the latest phishing threats by sending mock phishing campaigns to employee inboxes and tracking who clicks on phishing links.

Our new security product Secure IT – User Defence features both of these elements. With Secure IT – User Defence, organizations can train and test employees, as well as monitor the dark web for stolen credentials. User Defence includes simulated phishing emails that can be customized and online training that includes quizzes to validate retention of content.

Reinforce Best Practices

Social engineering attacks are incredibly dangerous because they rely on user error or lax user behaviour in order to work. Testing can help users adhere to good security practices and help change their behaviour so that they remain more alert against these types of attacks.

Engaging employees with simulated phishing emails allows them to feel real consequences in a safe environment. Simulated phishing attacks give employees an idea of what phishing emails look like and help them spot common signs that indicate a potential phishing attack. Over time, this will help employees develop the habit of carefully inspecting emails before they respond or click on any links.

Improve Security Culture

Testing employees also helps develop an organization’s security culture. It gives organizations an opportunity to openly discuss issues of security and show employees how they play a role in keeping your company safe.

Testing is a good opportunity for organizations to create teachable moments for their employees. If more employees are responding to a specific type of threat, think about why. Is it because the threat appears to be from an executive? Does the word “urgent” in the subject line make them want to click? These are things you can look out for and talk to employees about.

It’s important to not shame or punish employees for failing a test as it can discourage employees from reporting security errors and make security feel more of a taboo topic. Testing is about making sure employees stay safe in the office and in their personal lives. It’s not about tricking them into falling for these threats. The purpose of testing is to them aware of current cyber threats and to empower employees to take action when they encounter them.

You May Also Like…


Submit a Comment

Your email address will not be published. Required fields are marked *

Solutions to Grow Your Business

We've got you covered with our comprehensive portfolio of solutions.

Cybersecurity Solutions

Cyber Incident ​Response
Endpoint Detection and Response (EDR)
Extended Detection and Response (XDR)
Firewall Security
Mail Security
Penetration Testing Services
Security Baseline Assessment
User Defence
Vulnerability Detection Response (VDR)
Wi-Fi Security

Backup & Recovery Solutions

Hybrid Backup
Enterprise Backup
Mail Archiving

Public & Private Cloud Solutions

Azure Management and Monitoring
Microsoft 365 Administration
Private Cloud
Microsoft CSP

Helpdesk & Field Services Solutions

Professional Services & Consulting Solutions

Monitoring & Management Solutions

Hardware Maintenance Solutions

Application Management Services

Telco Industry Solutions

AI Business Solutions

Your partner in digital transformation

Helping the next generation of MSP and IT solution providers transform and grow.

businessmans handshake

Types of Partners

Managed Services Provider (MSP)

Internet Service Provider (ISP)

Value Added Reseller (VAR)

businessmans handshake

Partnership Overview

Jolera’s partner program offers flexibility to engage with us on your terms. We have spent more than two decades building award-winning best in class partner enablement and turnkey end-customer solutions for you.

Partner Program

Jolera has three partner programs to choose from: Select, Preferred and Premier.

Learn about us and the legacy we have created

At Jolera, we treat each MSP partner with specialized care. With more than 20 years of IT experience, we offer the latest technology to navigate cloud, security, endpoint, and storage needs.

vintage pocket watch vintage background concept

About Us

Jolera is widely recognized as a global managed services leader. We started as managed services provider over 20 years ago and have been at the forefront of managed services innovation ever since.


Our People

As a service provider our main goal is to make the customer happy. For that final goal, we need passionate and happy people working with us – Our People Are Our Biggest Asset.


Our Leaders

We are performance driven at the core - tying together best of breed technology and industry leading expertise with pragmatic processes built to deliver outcomes.

Meet Our Leaders!