Stuart Gentle Publisher at Onrec

Phishing for better IT management in recruitment agencies

Weak cyber security, downtime and compliance are just some of the challenges COOs of mid-sized recruitment agencies face

COOs in the recruitment industry have a lot of responsibility, especially in mid-sized agencies. Not only must they ensure the smooth running of day-to-day processes such as staff management, but they are often also responsible for the agency’s finances, IT systems, risk management and compliance. Juggling all of these proves to be difficult. Nathan Charles, Head of Customer Experience at managed IT service provider OryxAlign, explains how the challenges faced by operations executives often impact the condition of their IT infrastructure.

The going rate for stolen passport information on the dark web in 2017 was up to $2,000, according to Experian. Given that mid-sized agencies can receive hundreds of CVs and other documents like copies of driving licenses, they are a prime target for identity fraud.

The challenge for recruitment agencies is not only managing data in an efficient way, but also protecting it. One of the main avenues for a cyber-attack is through phishing emails sent to staff, sometimes with CVs containing a virus. A report by APWG explains that 2021 saw the record for the most phishing attacks, with over 300,000 in December alone.

SMEs are at particular risk of attack. According to Barracuda, a small business will receive around 350 per cent more social engineering attacks per employee than a larger enterprise.

Challenges for COOs

We carried out a Twitter poll survey and found that 42 per cent of CEOs and MDs agreed that their biggest concern following a successful breach is the operational downtime.

In an effort to narrow down the solutions to this problem, we undertook a second Twitter poll survey, asking recruitment agency tech leaders which IT/tech problems they would want to solve the soonest, with the highest response being “a weak cybersecurity system” (31.9 per cent).

Research conducted by Cybersecurity Ventures concluded that 60 per cent of small businesses will shut down six months after a major security breach. COO’s take on the majority of the pressure in ensuring this does not happen as it is their responsibility to get operations back up and running as soon as possible.

The high-pressure environment of recruitment adds more complications. Recruiters are under pressure to hit targets and may take short-cuts in order to achieve their goals. This can lead to them not always following best practice when it comes to cyber security. That can lead to additional workload for the IT team.

A former recruitment officer reports, “new executives in recruitment agencies have a shorter probationary period to prove themselves, and so are under pressure to deliver results quickly. Any setbacks in their phone or computer setup can cause immense frustration and stress. This then puts pressure on the IT department to fix these issues as soon as they occur, usually resulting in a high IT staff turnover.”

Managed IT services

These issues have led to some mid-sized recruitment agencies to outsource their IT management and protection. The benefit of using a managed IT service is that it relieves the pressure on C-level staff of small agencies and allows them to focus on their core business, as well as providing up-to-date protection.

It is important for businesses to view managed IT services as a partnership, rather than a tick-box exercise. An effective relationship with the service provider involves communication and allows future projects, such as the IT setup for the opening of new offices, to be planned in advance. This allows the service provider to grow the IT system in tandem with the business.

OryxAlign provides quarterly email phishing testing and training services, which can reduce the risk of a breach by 80 per cent over twelve months, while also providing effective protection by incorporating email filtering and extended detection and response (XDR).

XDR is a proactive security solution that offers complete optimisation and holistic security across the IT ecosystem, including networks, endpoints, and cloud environments. The combination of XDR and effective staff training allow you to cover both the human and technical leaks in your cyber security.

To find out how a managed IT partnership could benefit your recruitment agency, visit