BrightWise COO: All it takes is one mistake to let the bad guys in

White paper for credit union leaders explores employee vulnerability to cyberattacks

DES MOINES, IA (May 13, 2019) — Corey Skadburg, COO of cybersecurity training firm BrightWise, has released a white paper on the vulnerability employees pose to credit unions under attack from cybercriminals.

“More connected than ever before, the modern workforce appears to a cybercriminal the way a screen door appears to a neighborhood burglar,” Skadburg writes in the paper, “The Human Exploit: A Cybercriminal’s Smoothest Pathway In.”

Four threats targeting unsuspecting employees are addressed in the paper: Social engineering paired with phishing scams, ransomware, credential stuffing and mobile malware. The tactics that cybercrooks use to deploy each of the scams, as well as resulting costs for employers when staff fall victim to them, are described in the paper.

In addition to outlining some of the more common scams targeting employees, Skadburg offers four simple, cost-effective activities credit unions may consider for boosting employee awareness of cyberthreats:

Build a gamified leaderboard. Names of employees who do well in the training games are displayed alongside emoji-esque trophies and other digital carrots that show off their status as stand-out employees.

Train and track with on-demand content. On-demand training resources allow employees to flex awareness activities around their other obligations.

Host after-hours social events. Trivia night or another competitive activity teaches through fun.

Bait the hook and let it fly. Credit unions can deploy a few test phishing campaigns themselves, such as sending out a series of emails with subtle red flags or dropping a few USB thumb drives in common areas.

“Employee negligence is one of the biggest cybersecurity risks to U.S. businesses,” writes Skadburg. “All it takes is one mistake by an employee in the building, or another working remotely, to let the bad guys in. Often, employees don’t even realize they are engaging in risky behaviors. Leadership owes it to their members, boards and the employees themselves to invest in properly training the frontline for the inevitable cyberattack coming their way.”

Credit union leaders can download the white paper, “The Human Exploit: A Cybercriminal’s Smoothest Pathway In,” at

About BrightWise

BrightWise was formed as a joint venture with Affiliates Management Company and LMG Security. The firm, led by CEO Sherri Davidoff, an MIT graduate turned “hacker for good,” helps organizations engage, educate and empower employees on how to deal with cybersecurity threats. Online training courses for front-line associates provide meaningful content to raise threat and vulnerability awareness while also engaging employees to become their organizations’ first line of defense against cyber threats. To learn more, visit or follow the company on Twitter, LinkedIn and Facebook.


Sherri Davidoff

Kelly Moore (for BrightWise)

More News