New Member of Staff... New Security Risk?

When a new employee joins your business, you’re probably thinking about laptops, logins, and a smooth introduction to the team. But there’s something many businesses overlook during onboarding: cyber security.

Those first few months are actually one of the riskiest times for your business. And cyber criminals know it.

Recent research shows that 71% of new hires fall for phishing or social engineering attacks within their first 90 days. Even more concerning, they’re 44% more likely to click on a malicious link than established staff.

Why? Because new starters are under pressure. They’re eager to make a good impression, they don’t yet know what’s normal, and they’re keen to follow instructions. Attackers exploit this uncertainty with convincing emails and messages — often pretending to be from HR, IT, or senior managers.

Fake HR portals, urgent invoices, or requests for sensitive details… all common tactics. And when attackers pose as executives, new employees are 45% more likely to fall for it.

That’s a big problem. But it’s one you can do something about.

Secure Your Onboarding Process

Cyber security training shouldn’t wait until new staff “settle in”. Early education is essential. Teach new hires how to spot phishing attempts, what suspicious messages look like, and where to report them.

Businesses that build this into onboarding see real benefits. Studies show that tailored security training and phishing simulations can cut phishing risk by 30% during onboarding.

Yes, strong software and firewalls matter. But your people are the first line of defence. And right now, your newest people may also be your weakest link — unless you give them the knowledge and confidence to protect your business from day one.

Want to strengthen your onboarding security? We can help you set up effective training for new hires and make sure your business is protected. Get in touch today.