As IT security professionals, our focus every single day is keeping our clients safe, secure, and productive. As cyber criminals become more sophisticated, we’re constantly monitoring threats, identifying vulnerabilities, and mitigating risk.  

But the fact of the matter is, no matter how secure your network is from a technological standpoint – human beings (a.k.a. you and your team) are always going to be a potential vulnerability. Whether it’s through phishing, social engineering, or other tactics… your cyber defenses are only as good as their weakest link. And that weakest link is always going to be the people – yourself included – on your team. 

It’s impossible to completely eliminate that risk. But there is a whole lot that you can do to mitigate that risk and strengthen your defenses. At Proactive IT, we work with our clients’ teams to help them identify and avoid potential threats.  

We do this by providing monthly training to each employee, and then by running tests to help them stay sharp and to identify vulnerabilities.  

Here’s how we approach it: 

First, we provide monthly training to employees in which we cover security basics, remind them of best practices, and keep them apprised of the latest threats and scams that we’re seeing. They have the opportunity to ask questions and we make sure they’re up to speed. 

Then, we test. Throughout the month, we send phishing messages to the employees. Our system keeps track of who responds and who clicks. We don’t do this to be punitive – we do it to identify vulnerabilities and then we direct additional training resources to anyone who needs it.  

Ongoing, systematized training and testing don’t completely eliminate the possibility of human error. None of us are immune from making a mistake – you and I included. But regular training helps to keep employees vigilant and it helps them to spot scams and phishing attacks that they might not otherwise recognize.  

Human error is the biggest security vulnerability in any organization, and it probably always will be. You can’t eliminate the risk, but you can and should reduce risk through testing and training. And your IT vendor should be helping you do this. 

What is your IT team doing to improve your cyber security by reducing human error? If you’re not sure, take a moment right now and ask them. It’s too important to ignore.  

If you’d like to have a conversation about cybersecurity in your business, please reach out to us via email at or 704-464-3075 extension 3.       

Dedicated to IT security and productivity,   

– Steve 

Steve Kennen, president of Proactive IT and cybersecurity expert

About Steve Kennen

As an expert in information technology infrastructure management, cybersecurity, and cyber risk management practices for small businesses, Steve spearheads initiatives that keep his clients secure and their business operations running smoothly. His core message is that the details matter.