January 16, 2026
In today’s digital landscape, small and medium-sized businesses (SMBs) face an increasing number of cyber threats that target their employees rather than just their technology. With the majority of cyber attacks leveraging social engineering tactics, it has become crucial for SMBs to develop a robust cybersecurity strategy. In this blog post, we will explore the insights from a recent podcast discussion between Dan Thornton of Goldphish and Ilya Rubinshteyn of Aegis IT Solutions, focusing on the importance of effective training and continuous improvement in cybersecurity practices. We will delve into the human element of cybersecurity, the pitfalls of superficial compliance, the pressures driving change in the industry, and actionable advice for creating a proactive security culture.
1. What is the significance of the human element in cybersecurity, and why are 98% of cyber attacks targeting people?
The human element is critical in cybersecurity because, as Dan Thornton points out, 98% of cyber attacks now target people through social engineering and phishing. This shift exposes employees as the likely point of compromise: a single person who acts on a convincing message can inadvertently become the weakest link in an organization’s security. The idea of “human firewalls” captures the point that technical defenses matter, but the awareness and behavior of employees matter just as much in preventing breaches. Training employees to recognize phishing attempts and suspicious activity, and to report them, can significantly improve an organization’s overall security posture.
2. Why is the “check-the-box” approach to training ineffective for real cybersecurity?
The “check-the-box” approach to cybersecurity training—where employees merely watch a video or attend a seminar without engaging in meaningful learning—is fundamentally flawed. Ilya Rubinshteyn emphasizes that real security requires a shift in behavior and fostering a culture of skepticism among employees. Compliance alone does not guarantee protection; instead, organizations need to cultivate an environment where employees are encouraged to question communications and report potential threats. This proactive mindset is vital in minimizing risks associated with social engineering attacks.
3. What are the drivers of change in cybersecurity practices for SMBs?
Several factors are motivating SMBs to prioritize cybersecurity, including the rising requirement for cyber insurance and vendor compliance standards such as SOC 2. These requirements compel organizations to implement more rigorous security measures and take their cybersecurity strategies seriously. As Dan Thornton notes, the financial implications of not adhering to these standards can be significant, pushing SMBs to move from a reactive to a proactive stance in their cybersecurity efforts. This shift is crucial for safeguarding sensitive information and maintaining customer trust.
4. How can SMBs implement actionable advice to bridge the gap between knowledge and action in cybersecurity?
To effectively address cybersecurity risks, SMBs must transition from merely being aware of their vulnerabilities to actively mitigating them. This involves implementing continuous testing and training programs that keep employees engaged and informed about the evolving threat landscape. Regular simulations of phishing attacks, role-playing exercises, and ongoing education can help reinforce the lessons learned and promote a culture of vigilance. By making cybersecurity an integral part of the organizational culture, businesses can empower their employees to act decisively in the face of potential threats.
Conclusion
Developing an effective SMB cybersecurity strategy requires acknowledging the human element, moving beyond superficial training compliance, and recognizing the external pressures that drive change. By fostering a culture of continuous improvement and engagement, businesses can equip their employees with the knowledge and skills to act against cyber threats proactively. The journey from knowledge to action is not just beneficial—it’s essential for safeguarding the future of small and medium-sized enterprises in an increasingly hostile digital environment.