Lumina Technologies logo
Support
Lumina TechnologiesCybersecurityWhy the Digital Skills Gap is Putting Us All at Risk and How We Can Stop It

Why the Digital Skills Gap is Putting Us All at Risk and How We Can Stop It

8 April 2025
Get in touch

Share on social..

Part of Lumina’s ‘Digital Skills Gap’ Series on LinkedIn

The Digital Skills Gap: How to Combat Human Error with Empathy

We’ve all mastered sending emails, creating spreadsheets, and managing our workloads online. Most of us have picked up these skills through formal education, workplace training, or simply by figuring it out as we went along.

But who taught us how to spot a sophisticated scam?

When did anyone explain how scammers and cybercriminals create perfect replicas of legitimate emails or invoices?

Where was the lesson on protecting our digital identities?

This growing divide between our digital capabilities and security awareness is the real cyber security crisis facing businesses today.

The Hidden Gap Between Using Technology and Protecting Ourselves From It

Our education about cyber threats simply hasn’t kept pace with how quickly technology has evolved and how sophisticated scams have become. Meanwhile, our work environments demand speed:

  • Responding to client emails as soon as possible
  • Processing requests promptly
  • Making quick decisions to keep work moving along

Is it any wonder that 84% of UK business breaches in 2024 began with phishing scams? The system itself is setting us up to fail.

Traditional security approaches make this worse by treating people as the weak link rather than acknowledging reality: we’re asking people to use technology at speed without adequately equipping them to protect themselves.

It’s like teaching someone to drive without explaining traffic laws, then blaming them when they get into an accident.

The Impossible Security Standard

“Make sure you check every email carefully before clicking.”

This advice sounds reasonable until you count how many emails the average professional receives daily: 32.

That’s 32 opportunities to make a mistake. Every. Single. Day.

Now factor in:

  • Monday morning catch-up after a weekend away
  • Month-end deadline pressures
  • Client ’emergencies’ requiring immediate attention
  • The additional instant messages you receive throughout a standard day

Is it realistic to expect flawless vigilance across all these scenarios, 100% of the time?

Many businesses fall into the trap of treating security as a one-time checkbox rather than an ongoing commitment. They conduct annual security training and then expect employees to be completely security conscious for the next 12 months.

It’s the equivalent of attending a single driving lesson and then being expected to navigate perfectly through rush-hour traffic in central London every day without incident.

The Human Moments Behind Security Breaches

Let’s look at what happens in real workplace scenarios:

The Monday Morning Rush

Sarah, an account manager at a small consulting agency, is running late for her 9:00 AM client meeting. On the train, she quickly scrolls through the weekend’s emails. One catches her eye – an invoice from their largest client marked “URGENT: Payment Overdue.”

She clicks to open it. The email looks identical to previous ones from this client. She downloads the invoice and forwards it to accounts with a note: “Please process this immediately – I’m heading into a meeting.”

By lunchtime, scammers have spread ransomware through the company network. Client information is compromised. Systems are locked.

Sarah isn’t careless or untrained. She’s simply human – trying to be responsive and efficient in a rushed moment.

The CEO Fraud That Worked

“I need you to handle an urgent wire transfer.”

Mark, the financial controller, receives this email from the CEO at 4:48 PM on Friday as he’s wrapping up for the weekend. The email explains:

  • The company is about to acquire a small competitor
  • The deal is highly confidential
  • An immediate deposit of £145,000 is needed to secure the agreement
  • This needs to be done before close of business

Mark is surprised but not suspicious. The company has been discussing growth opportunities. The CEO often moves quickly on strategic decisions. Plus, the email looks completely legitimate – same email address, same signature block, same writing style, it even has the CEO’s picture!

He processes the transfer. By Monday morning, the money is gone. There was no acquisition. The CEO had never sent the email.

What happened? Scammers had monitored the CEO’s communication style for weeks, created a perfect replica of his email address with one hidden character difference, and struck during the end-of-week rush.

Mark wasn’t careless or untrained. He’d worked at the company for 11 years with an impeccable record. He was simply human – trying to be responsive to what seemed like an important request during a rushed moment.

We Need to Stop Expecting Our Teams to Be Perfect…Especially Without Adequate Security Awareness Training

“I don’t think I can put into words how I felt,” says the CEO of a UK company, describing the moment he learned his business had lost £1.6 million in just 20 minutes.

His financial controller – an experienced professional – had been targeted during a normal workday.

“I felt for my employee who had fallen victim…”

Imagine being that employee. One moment you’re doing your job, the next you’ve become responsible for a massive company loss. The guilt. The self-blame. The knowledge that your simple mistake has put jobs and the company’s future at risk.

When was the last time you scrutinised every single email during a busy workday?

The truth? We’re all rushing today due to work and life demands. We’re all human.

Think about your own team:

  • The sales director checking emails between client meetings
  • The finance manager processing multiple invoices during month-end
  • The project manager coordinating deliverables under tight deadlines

Each of these dedicated professionals could be one rushed moment away from making a mistake that keeps them – and you – awake at night.

To be clear, this is not about taking all cyber security responsibility away from individuals – it’s about acknowledging that we are human, living in a digital world designed to trip us up.

The Solution: Security That Works Even When We Make an Innocent Mistake

This is where technology must do better at protecting us. Traditional security isn’t working anymore because it relies on people being perfect 100% of the time. We need solutions that shield us not just from faceless scammers, but from our own very human moments of distraction or pressure.

The solution lies in using modern security and creating an ongoing security conscious work culture.

How Phishing-Resistant Security Works

Unlike passwords that can be stolen or forgotten, phishing-resistant security technologies like passkeys and FIDO security keys tie authentication to specific devices, making them resistant to phishing by design.

Passkeys: Authentication without Passwords

When you create a passkey for a website or application:

  1. Your device generates two cryptographic keys – one public, one private
  2. The private key remains securely stored on your device, protected by your fingerprint, face scan, or device PIN
  3. The public key is sent to the website or app and associated with your account

When you later log in:

  • The website sends a random challenge to your device
  • Your device uses the private key to create a unique signature for this challenge
  • The website verifies this signature using your public key
  • No secret information is exchanged during the process

This creates several security advantages:

  • Phishing protection: Even if you’re tricked into visiting a fake website, your passkey cannot be stolen because no secret information is exchanged during the authentication process
  • Breach protection: If a company’s database is compromised, attackers only get public keys, which are useless without the private keys on your devices

FIDO Security Keys: Physical Protection

For organisations needing the highest level of security, FIDO security keys take protection a step further by putting phishing-resistant technology into a physical device you can carry with you:

  • They store digital credentials on a physical device
  • They use the same public key cryptography as passkeys
  • When logging in, you simply insert the key and tap when prompted
  • Current models can store up to 25 different account credentials
  • They function across all your devices
  • They can be physically removed when not in use
  • They protect your accounts even if your device is stolen or lost

The Difference in Approach

Let’s compare traditional security with phishing-resistant security:

User Experience:

  • Traditional: Your team is burdened with remembering complex passwords and accessing codes, with protection decreasing during rushed moments
  • Phishing-resistant: Authentication ties directly to physical devices or security keys – no passwords to remember, share, or be stolen

Security Effectiveness:

  • Traditional: Vulnerable to phishing scams; can be compromised without physical access to devices; susceptible to sophisticated attacks
  • Phishing-resistant: Protects your team even if they click on malicious links; requires physical possession of the device or key; no secret information transmitted during authentication

Real-World Impact:

  • Traditional: The burden falls primarily on your people; requires constant vigilance from every team member
  • Phishing-resistant: Works even when someone makes an innocent mistake; shifts the majority of the security burden from your team to the technology itself

Taking Action: Bridge the Digital Skills Gap in Your Business

The time to strengthen your cyber security posture is now. Here are key steps to bridge the digital skills gap in your organisation:

  1. Acknowledge the gap: Recognise that traditional security approaches depending on perfect human performance are setting your team up to fail
  2. Implement phishing-resistant security: Consider technologies like passkeys and FIDO security keys that protect even during rushed human moments
  3. Create a security-aware culture: Rather than annual trainings, create ongoing awareness without creating a blame culture when mistakes happen
  4. Prepare for incidents: Have clear plans in place for when (not if) security incidents occur

    Conclusion: One Click Shouldn’t Risk Your Company

    The impact of a cyber incident can be far-reaching and costly for businesses of all sizes, but especially for small businesses. From significant financial losses and operational disruption to reputational damage and loss of client trust, the consequences can be devastating.

    The digital skills gap we face today is not due to careless employees – it’s a systemic issue where our education about protecting ourselves online hasn’t kept pace with how we use technology and the sophisticated threats we face.

    The solution isn’t just expecting people to scrutinise every email. It’s implementing security that works even when we’re human and make innocent mistakes.

    The future is phishing-resistant technology baked into a security conscious work culture!

    Because one wrong click shouldn’t risk your company. Not anymore.

    At Lumina Technologies, we’re helping businesses across Hertfordshire, London and the Home Counties, bridge this gap with phishing-resistant security like passkeys and FIDO security keys – protection that stays strong even during busy, rushed moments. Contact us today to learn how we can help protect your business from innocent mistakes.

    Click Here to Contact Us Today!

    Other Blogs

    What our customers say

    Lumina Technologies have taken the time to understand the requirements of our business and work as our strategic IT partner, enabling us to concentrate on delivering a high quality service to our clients and focus on our growth strategy. They have delivered a 100% cloud solution to our business with no underlying infrastructure costs or maintenance, which gives us scalability for our planned growth. It also means our business critical applications and data are securely accessible from virtually all our user devices. Lumina’s professional approach and strategic expertise is highly valued and their management of our IT – based on their in-depth knowledge, leaves us confident that our systems are available 24×7.

    Luke Harrison
    Keidan Harrison LLP

    Lumina have supported us so well through the difficult circumstances of 2020.  They worked extremely hard to ensure we were able to work remotely and continue to operate our business successfully. The support team are very friendly and knowledgeable, and have excellent response times.

    The team have also enhanced our cyber security which is so important in the legal sector, and they continue to provide high quality advice to help us move forward with our IT goals.

    Robin Illingworth
    Managing Partner, Adams & Remers LLP

    The quality of IT Support provided by Lumina Technology is of the highest standard and is complemented by effective client liaison with impressive response times. Trap Oil Group plc has no hesitation in recommending Lumina as a dedicated and specialist group of IT professionals.

    Martin David
    Technical Director, Trap Oil Group plc

    Richard and his team are a real inspiration to anyone who meets them and I have watched Lumina’s growth over the last few years with interest and admiration. Richard has been an amazing supporter of the Hospice of St Francis, being a Gold member of the Corporate Partner Network for almost two years. He takes an active interest in the community and is passionate about his company and his town: nothing is too much trouble, he is always willing to help, to give up his time and to provide business advice when asked. Lumina is an inspiration to any company wanting to set up business in Hertfordshire.

    Carolyn Addison
    Corporate Fundraising Manager, The Hospice of St Francis

    Lumina Technologies Prism Hosted Desktop has allowed our business to centralise our global corporate data, allowing much faster access for all our staff – regardless of their location. We have also been able to simplify and reduce our infrastructure and management overhead. With the new Prism Hosted Desktop solution all staff now have simple and secure access to corporate data using any device they choose. Prism Hosted Desktop has increased the productivity of our staff and given us a single, consistent and familiar experience for all users from any device, in any location, 24/7.

    Katherine Roe
    Chief Executive Officer, Wentworth Resources PLC

    The commercially sensitive and regulated nature of Lambert Energy Advisory’s business requires an IT provider able to maintain the highest levels of integrity and confidentiality, Lumina Technologies has consistently been unimpeachable in this regard over the nine years we have employed them.

    Patrick Agar
    Lambert Energy Advisory

    It has been a great pleasure working with Lumina Technologies over the past two years. They have fully committed to being involved in the local community with volunteering and with professional advice and commitment, helping many local charities along the way. As a growing company it proves that being involved in the local community is helping them attract and retain a talented workforce and I look forward to working with them well into the future.

    Cindy Withey
    Connect Dacorum

    Hawkstone Management Services Ltd is a small company for which IT Outsourcing is realistically the only viable option. Lumina Technologies have successfully performed this role for over fifteen years. They also provide innovative solutions to keep pace with technological progress. I would have no hesitation in recommending Lumina to similar sized businesses.

    Stephen Pembury
    Hawkstone Management Services Ltd

    Charles Douglas Solicitors LLP have been using Lumina Technologies for a number of years now and continue to be impressed by the technical know-how and contemporary knowledge of their senior management, who provide a timely, efficient and friendly service. Whether it is a small issue with one computer, or a strategic IT decision, they maintain a current knowledge of available technologies. Lumina are always at the other end of the phone to help resolve issues and minimise business interference. The technical knowledge of Richard and his senior team means that there has not been a problem that they can’t solve to date. I am sure we will continue to use them in the years to come.

    Charles Douglas
    Managing Partner, Charles Douglas Solicitors LLP

    The team at Lumina Technologies have made the Amoun Travel & Tours office IT transition seamless and problem free. The office set-up has been vastly improved and the IT Support services are flawless. No issue goes unresolved, which is extremely reassuring.

    Adam Helmy
    Amoun Travel & Tours Ltd

    Lumina Technologies has been Salamander Energy plc’s IT provider since start-up in 2005 and has supported us in London during our expansion across operational offices in SE Asia. Their professional approach, strategic advice and close co-operation have been essential in making this a success.

    John Bell
    Group Technical Director, Salamander Energy plc

    Richard and his team at Lumina have provided Perrett Laver Limited with high quality strategic and practical IT Services for over ten years. During this period, Perrett Laver has grown from 10+ colleagues based in London to nearly 100 colleagues located in six offices across the Americas, EMEA and Asia-Pacific. Richard and the Lumina team have not just been responsive to our ‘everyday’ IT needs, but have proactively sought to work with us on developing an infrastructure suitable for the type of operation we are today, and are planning to be months and years down the line. I would not hesitate to recommend Richard, especially for small to medium size business with growth in mind.

    Clementine McKinley
    COO, Perrett Laver Limited

    Society Limited has been supported by Lumina Technologies since our earliest start-up phase. From large logistical challenges like an office move, through to smaller fiddly issues like fixing a faulty e-template, we know we can count on their support and advice. They’ve also been able to engage with us strategically on the challenge of scaling-up our infrastructure as the firm continues to grow and evolve. We always feel confident going to Lumina with a problem, since we know they genuinely care about sorting things out and helping us to get on with our core business.

    Simon Lucas
    Managing Director, Society Limited

    The Vita Group HQ staff have worked with Richard McBarnet and Lumina Technologies for over 9 years, with Lumina providing all our PC, server, phone, and software support. The services have included C-level executives based in London, Manchester, the US, as well as supporting home office IT as well. The service provided and intellectual capabilities are outstanding and we would highly recommend Richard and his Lumina team.

    Joe Menendez
    CEO, The Vita Group

    We worked with Lumina on a GDPR Audit. Richard was knowledgeable and professional throughout, and did the best he could to bring a dry topic to life through lots of real life examples and analogies. We were so impressed with the service Lumina provided and the value we got from partnering with them on this project – we couldn’t recommend them enough.

    Holly Cottingham, Vintec Laboratories

    We’ve been so well supported by Paige and the Lumina team. They’ve been highly professional, very responsive, friendly, supportive. It’s really validated the decision to engage an IT partner, and we’re glad it’s with Lumina. 

    Bruce Storey
    Chief Operating Officer, Estu Global Ltd

    Discuss your business needs today

    Get in touch Schedule a call