Cybercrime events are on the rise as major hacker groups have formed an alliance to target some of the biggest companies in the world. On October 3, 2025, one of the worst leaks in recent years took place as 39 top corporations, including Toyota, FedEx, and Disney/Hulu became victims of a data breach. The culprit? A collective called The Trinity of Chaos, comprised of three of the most infamous cybercriminal gangs namely Lapsus$, Scattered Spider, and Shiny Hunters. All 39 companies are reportedly being forced to meet the group’s demands, and if their terms aren’t met, The Trinity of Chaos promises to expand the leak, potentially exposing 1.5 billion records from 760 companies.
In the coming weeks, it is expected that major corporations will be reinforcing their security strategy as a preemptive response to the widescale leak. Investing in cybersecurity systems can help to thwart hacking attempts, but since most data leaks are caused by human error, it’s important to take a proactive approach and provide regular cybersecurity training to employees. Implementing a robust cybersecurity training program can help to mitigate risks, so here’s how to train your workforce and build a cyber-savvy team.
Gain Insight into Employees’ Susceptibility to Cyber Attacks
Most employees are susceptible to phishing and malware attacks since factors like fatigue and multitasking makes them more vulnerable at work. What’s more, since cybercriminals are using increasingly sophisticated and convincing techniques to get people to click on malicious links, those who lack knowledge on basic cybersecurity practices may mistake phishing emails or harmful links for the real thing. According to a recent study, 71 percent of new hires fall for phishing attacks, and 44 percent of new employees are more likely to click on malicious links than experienced staff.
Assess your team’s susceptibility to phishing attacks to see if they lack basic cybersecurity training or if any of their work activities or habits present a significant security risk. Are there any employees who are constantly on multitasking mode? Has anyone clicked on a suspicious link recently, and if so, how many of your employees clicked on a malicious link? Do you suspect that some of the threats could be coming from inside? Getting answers to these questions allows you to identify crucial factors that could pose a risk to the business, and create a cybersecurity training program that’s tailor-fit for your organization.
Get Leadership Onboard
Before starting your training sessions, be sure to get leadership onboard as everyone in the company needs to participate and learn cybersecurity protocols. Getting full support from business owners, CEOs, and department heads allows you to set a company-wide culture of cyber awareness, and it also helps you secure a budget and essential resources for the program. More importantly, when business leaders visibly and loudly champion cybersecurity, it sends a clear message to employees that protecting sensitive data is a top priority. It also makes everyone aware that everyone, from the CEO to entry-level workers, is responsible for keeping data secure.
Once you get the green light from top management to start training sessions, collaborate with in-house IT or cybersecurity personnel to create your training program. If your company does not have a dedicated cybersecurity team to assist you with training module creation and hands-on activities, consider using managed security awareness training solutions that are designed, built, and managed by experts. These solutions contain approachable and engaging content that is easy to understand, and it also provides phishing simulations based on real world threats. Having access to this type of resource can be invaluable, especially if no one in your organization is equipped to handle cybersecurity training.
Encourage a Culture of Safety
Encouraging a culture of safety helps prevent employees from making a costly mistake, so always remind them that when it comes to cybersecurity, it’s always better to be safe than sorry. Teach your staff to report suspicious links or emails to IT as soon as they receive them instead of just deleting or ignoring them. If they receive an unusual request from a team member or management via email, instruct your team to verify the request through a different form of communication, such as through a text message or phone call instead of replying to the email. Also, keep employees posted on the latest cybersecurity trends, threats, and online scams so that they’re aware at all times.
Your employees should be your first line of defense against cybercrime. Build a cyber-savvy team through proper training, and create a culture of cyber awareness in your organization to preserve your business’s reputation and prevent financial loss.