A man in a suit looks thoughtfully at a laptop. Text reads NEW STAFF with a green arrow pointing at him, and SECURITY RISK with a red arrow. The blue comic-style background highlights how new staff can present new cyber security risks. Logo with an orange dot in the corner.

09 Oct New member of staff… new cybersecurity risks?

Posted at 12:03h in Cybersecurity by

Cybersecurity risks are often not a primary concern when welcoming a new staff member. Instead, the focus is usually on getting them set up with the right tools—a laptop, email account, access to systems, and a warm introduction to the team.

However, the reality is that the first few months of a new employee’s journey are one of the riskiest times for your business’s digital safety. And it’s a risk that many companies don’t even realise exists.

The Hidden Threat of Onboarding

Recent research has revealed a concerning trend: 71% of new hires fall victim to phishing or social engineering attacks within their first 90 days.

Why? Because cyber criminals know that new starters are still finding their feet. They’re eager to make a good impression, unfamiliar with internal processes, and more likely to follow instructions without question.

That makes them prime targets for scams that appear to come from HR, tech support, or even senior management.

How These Attacks Work

Scammers send emails that look legitimate – asking your new hire to update details on a fake HR portal, approve a bogus invoice, or respond to a request from a “manager” for sensitive information.

Because your new employee hasn’t yet learned what’s normal or who’s who, they’re 44% more likely to click on these traps than seasoned staff. And when attackers pose as company executives, new starters are 45% more likely to be fooled.

That’s a significant vulnerability during the onboarding process.

What Can You Do?

The key is to act early. Training to help them recognise cybersecurity risks shouldn’t wait until your new hire has “settled in.” Those first few days are exactly when they need clear, practical guidance on:

  • Spotting phishing emails
  • Understanding how cyber criminals operate
  • Knowing what to do if something doesn’t feel right

Businesses that take this seriously see real results. Companies that provide tailored security awareness training and run realistic simulations for new staff see their phishing risk drop by 30% after onboarding.

That’s a huge improvement—and it shows that a little extra effort at the start can protect your business in a big way.

People First, Tech Second

Yes, tools like firewalls and antivirus software are essential. But they’re not enough on their own. Your people are your first line of defence—and your newest people might be your weakest link unless they’re properly equipped.

 

If you’d like help setting up clear, effective training for new starters—or want to explore ways to make your business more secure—we’re here to help. Get in touch today to find out how we can support you and your team.