Security Controls 101: Security Awareness Training
There are many tools, plans, techniques and technologies available out there to create and enforce Cyber security for your business. In my first career as an IT professional, I used many of these tools effectively...but let's be really honest here and admit that cyber security is really a "people problem" more than it is a "technology" problem! You can have all the security available in place and still have someone in your organization click an attachment, or follow a link that causes a security event or network breach.
How do we defend the organization from this dynamic and ongoing issue?
Security awareness training (SAT) is a formal process for educating employees, contractors, and business partners on how to protect an organization's information and computer systems from threats and cyber criminals. One example of how a security awareness training services does this is by regularly sending out fake emails to staff in an attempt to trick them into clicking something they should not, and then following up by training them how to detect and avoid these type of nefarious emails, etc.
This type of training raises user awareness and develops a security mindset that is beneficial to the organization. I think there is some positive peer pressure with this as training as well. Nobody wants to do the walk of shame after being fooled by a trick email and have to watch a 10 min video about why they should not have clicked. :)
If you would like to talk more about cyberinsurance, cybersecurity, Security Awareness Training, or just bounce some ideas around, Contact us today.