In most places of work the first line of defence for protecting your business information is something like your firewall. In most cases this is incorrect. Yes the firewall is designed to protect your business from the nasties of the outside world and most of them do a very good job of it but when it comes to noticeable problems it is usually your staff and users who notice first.
A user is very aware of their environment, what is happening around them, most of the time, and this extends to their computer environment. A user is engaged, working, in their computer environment for 8 hours of the day. They notice when their computer, yes their computer, most users will take ownership of the computer and call it theirs, is having problems.
They may not be noticeable to you or I but when the user, who has been using that computer for 6 months, tells the ICT support tech that there is something wrong, then you had better listen. All computers have idiosyncrasies, and users learn to work with them, through them or around them to do their job and that is why they will notice a change in the environment.
This change maybe a slowing down in accessing the Internet, being slow to load programs, weird pop ups, or any of a large number of inconveniences to the user but that are noticeable then it is time to listen and do something about it.
The cyber defense of your business has to include your staff and users. They are the ones who will notice problems arising when the ICT staff are busy doing the projects and management that they have to do to ensure your business systems run smoothly.
They are the ones who will bring problems to the table. They could be user problem, operating system problems, application problems but they could also be the signs of the first attack on your business. An unpatched system, not updated anti virus system or targeted attack that will be noticeable to the user.
With better training the users have a better understanding of what maybe happening. When they do notice a change in what their computer is doing they need to have some process to report it. As an ICT tech do not disregard these small problems bought to you by a user as it could be the first wave of a focused and intensive attack on your business.