TubbTalk 135: How to Turn Employees into a Company's Biggest Cybersecurity Asset - Tubblog: The Hub for MSPs

TubbTalk 135: How to Turn Employees into a Company’s Biggest Cybersecurity Asset

TubbTalk 135: How to Turn Employees into a Company’s Biggest Cybersecurity Asset image

In this episode, I speak to Benjamin Netter, founder of Riot. A SaaS platform, Riot on a employee cybersecuritymission to turn employees into your company’s biggest cybersecurity assets.

Riot is a Paris-based, all in-one-solution that drives better protection for MSPs, and Benjamin himself is a veteran of the IT space.

Riot is particularly useful for MSPs who want to simulate phishing attacks on clients to identify vulnerabilities and protect weak areas.

An Interview With Benjamin Netter

Watch the Interview Here

How Benjamin Created Riot

Previously, Benjamin was the co-founder of a fintech company, where they provided loans to European companies. His role was to make sure they didn’t get hacked while transacting large sums of money.

“I was pretty sure a hacker would find a loophole and have a sophisticated way of hijacking the money. And then one day an employee got a phishing email and entered their password. So I realised that I was wrong about hackers.

“They’re pragmatic. And they don’t want to waste their time looking for loopholes when they can send an email. So, I decided to attack the team one weekend, and the CFO was the first person who clicked on my email. In the end, 20% of the company were fooled by the phishing, and it was apparent that a solution was needed.”

How to use Tech to Help Employees with Cybersecurity

The Riot solution combines detecting vulnerabilities, auditing, and then finding the right way to fix it. Benjamin explains: “So you detect the employees who are vulnerable to the phishing simulation and then target specific courses to them.

“Here’s an example of how it works elsewhere with cybersecurity. We can identify Google Workspace users who don’t have 2FA activated. So we target them and guide them to set it up. It works for data breaches, smishing, digital footprint and so on. And then we can report how that’s had a positive impact on security within the company.”

The Challenges of Protecting BYOD Equipment

While Riot do their best to protect tablets, smartphones and so on, Benjamin says it’s hard, because companies don’t tend to give employees phones. “Most employees consider their phone part of their personal life, even if they use it for work. They don’t expect their employer to protect it from cybersecurity attacks.”

So, Riot use their cybersecurity companion, Albert, who is a sort of chatbot. He engages with the employees to educate them on cybersecurity. “He asks them about their phone password complexity, if they use 2FA and if their password is unique.

“Then he tries to guess it. Humans aren’t good at coming up with new passwords, so they use the same few codes every time. And that makes them vulnerable to hackers, and in turn, exposes any company information to criminals.”

How can companies make their employees their biggest #cybersecurity asset and how can #MSPs support that? Riot founder @benjaminnetter explains to Richard Tubb. Click to Tweet

How Gamification Helps Employees to Master Cybersecurity

Riot use Albert frequently to help employees better understand their cybersecurity responsibilities. “Our most important KPI is what we call the completion rate – how many employees complete a course that we send to them?

“We use Slack or Microsoft Teams to send courses, so they’re more likely to look at it. But if we send it in an email, it tends to get lost. The completion rate is currently around 86%, which is good, but I’d like it to be higher.

“Albert itself came about as a way to streamline and simplify onboarding and whitelisting Riot. Previously, there was a long tutorial, which people struggled with. Albert makes the process more fun, as well as easier to complete.” 

Supporting Employees to Better Understand Cybersecurity

The best way to help employees understand cybersecurity is to make it as quick and easy as possible. For instance, Google Workspace is time-consuming to set up. In comparison, Riot takes only a few minutes.

“So you can go from setting up your account to launching your first phishing campaign on your staff in less than ten minutes. Riot syncs with Google and Microsoft, so it’s just three clicks and away you go. And of course, you can repeat the attacks as many times as you like.”

How Riot Helps Employees with Cybersecurity Breaches

Riot detects data breaches that happen to employees based on their email addresses and phone number. “Because we sync directly with Google and Microsoft, we use that data and track in real time when your employees appear in new data breaches.

“Once you’ve been part of a data breach, it’s easier for hackers to link your personal information via your contact details. So instead of just letting people know their data has been leaked, we explain what it means for their safety and what they should prepare for.

“We also try to get the breached data to show to the user, which is a bit controversial. But if we can show them their password that’s been compromised, that’s a really good way to teach them to not use the same one every time.”

How to Connect With Benjamin Netter

How to Connect With Me

Mentioned in This Episode

You Might Also be Interested in

RICHARD TUBB

Richard Tubb is one of the best-known experts within the global IT Managed Service Provider (MSP) community. He launched and sold his own MSP business before creating a leading MSP media and consultancy practice. Richard helps IT business owner’s take back control by freeing up their time and building a business that can run without them. He’s the author of the book “The IT Business Owner’s Survival Guide” and writer of the award-winning blog www.tubblog.co.uk

All Posts

You might like:

TubbTalk 151: How to Uncover Cutting Edge Cybersecurity Solutions for MSPs image

TubbTalk 151: How to Uncover Cutting Edge Cybersecurity Solutions for MSPs

Podcasts | By Richard Tubb
TubbTalk Travelogue: MSP Show & SuperOps SuperSummit 2024 image

TubbTalk Travelogue: MSP Show & SuperOps SuperSummit 2024

Events | By Richard Tubb
TubbTalk 150: 25 Years an MSP – Valuable Lessons You Learn from Longevity image

TubbTalk 150: 25 Years an MSP – Valuable Lessons You Learn from Longevity

Podcasts | By Richard Tubb
TubbTalk Bonusode: How One MSP Expert Overcame Imposter Syndrome For International Success image

TubbTalk Bonusode: How One MSP Expert Overcame Imposter Syndrome For International Success

Podcasts | By Richard Tubb
TubbTalk 149: Why You Need to Know the Process of Process for MSP Growth image

TubbTalk 149: Why You Need to Know the Process of Process for MSP Growth

Podcasts | By Richard Tubb
TubbTalk Travelogue: Channel Live & UpLift Live 2024 image

TubbTalk Travelogue: Channel Live & UpLift Live 2024

Events | By Richard Tubb
TubbTalk 148: How High Performing MSPs Leverage People Power for Success image

TubbTalk 148: How High Performing MSPs Leverage People Power for Success

Podcasts | By Richard Tubb
TubbTalk Bonusode: The Cloud & Cybersecurity Expo: What’s New for MSPs? image

TubbTalk Bonusode: The Cloud & Cybersecurity Expo: What’s New for MSPs?

Podcasts | By Richard Tubb
TubbTalk Travelogue: The Cloud & Cybersecurity Expo 2024 image

TubbTalk Travelogue: The Cloud & Cybersecurity Expo 2024

Events | By Richard Tubb
TubbTalk 147: One Woman in Tech’s Remarkable Journey from MSP to Community Manager image

TubbTalk 147: One Woman in Tech’s Remarkable Journey from MSP to Community Manager

Podcasts | By Richard Tubb
TubbTalk 146: Growth and Success Advice from The Wizard of MSP Data Migrations image

TubbTalk 146: Growth and Success Advice from The Wizard of MSP Data Migrations

Podcasts | By Richard Tubb
TubbTalk 145: The Tech Nerd’s Ultimate Guide To IT Career Success image

TubbTalk 145: The Tech Nerd’s Ultimate Guide To IT Career Success

Podcasts | By Richard Tubb

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Share via
Send this to a friend