After 3 Vistage meetings this week where Technology Strategic Planning speaker, Joe Beaulieu,  spent at least 40 minutes discussing Cybersecurity, I came home to find a phishing email addressed to 2 of the meeting attendees from a third. I texted the supposed sender with a photo of the email and he immediately replied “phishing”.

Now we are on a hunt as to whose email has been attacked. During our meetings, an informal poll found that we all felt that phishing attacks were way up. Speaker Joe Beaulieu confirmed that 50% of cyber incidents come through phishing. And that it is us, the people, who are the weakest link. So what can we do about it?

Start training your team regularly, perhaps weekly and reward immediately phishing reports when identified.  Joe recommended KnowBe4 for phishing education and training. Further, can you gamify smart performance? I’m sure my Vistage Members are tired of my frequent suggestions to gamify the behavior you want/need to be successful, but hey, work can get boring. Did you ever notice that people love to bet on ridiculous things? Can we take that natural human tendency and put it to use? If you won an award for perfect attendance in grammar school, do you still have it in a box with old pictures somewhere? Joe said a company he worked with gave small trophies for team members who went 2 years without falling for a phishing email sent out for real or by their IT staff in routine testing. They loved getting the $2 trophy. No monetary reward – just the recognition.

Don’t wave this aside thinking you are “too small” for a hacker to be interested in you. A guy living in his parents’ basement would be only too happy to hold you up for $30k. Or $3 million. There are stories every week of companies being shut down while they try to find a clean backup or are negotiating with a perp. Prevention training (and gaming) is a lot cheaper than that.

If you are not a subscriber to BIZPIE blog, you can subscribe here. If you want to learn more about Vistage, click here.


Image courtesy of