Tech Tips

April 13, 2022

The Top 3 "Buts" Companies Give for Not Training Employees on Cybersecurity

Training employees is one of the most powerful cybersecurity measures you can take. Yet many businesses won't do it. Why not?

Training employees on how to spot cybersecurity risks is one of the two most important things you can do to protect your company from cyberattack. (The other, of course, is keeping .)

However, in our experience, only about 5% of companies actually offer employee cybersecurity training.  What do we hear from the other 95%?


"We're too small to hack."

In the cyberattack world, every business has some sort of valuable information or data. In fact, since smaller businesses typically have less robust defenses than big companies, they get hit a lot.


"Our employees are smart.” 

It's not so much a question of being smart, as it is being aware.  Are they aware of the latest methods cybercriminals use to trick people?  Are they so smart they won’t accidentally click on malware while shopping for chocolate Easter bunnies on their break?


"We have a firewall and antivirus."

Great, but neither solution can completely protect against social engineering.  Phishing emails that employ social engineering have high success rates and cost businesses millions every year.


Employee Cybersecurity Training for your team takes just 1.5 hours and costs only $500.  Plus, it can reduce your .  Really, there are no buts about it!




Do you have an "everyday IT" question you want answered? Send it in to and it may show up in Magpie's next Tech Tip / Cyber Fu Tip.


Robert Douglas, IT Consulting Team Lead