What is security awareness training?
- Strategy used by IT and security professionals to prevent and mitigate user risk
- Providing cyber security education to your workforce
- Programs are designed to help users and employees understand and prevent information security breaches
- Training is most often presented in an online or computer-based format.
Why is security awareness training needed?
- Helps to minimize risk, thus preventing the loss of PII, IP, money or brand reputation
- To equip employees with the knowledge they need to combat these threats.
- What clues to look for that indicate threats, and how to respond when they see them
- Many employees are unaware of key risk factors relating to data security and privacy.
- Even seemingly harmless behaviors or small mistakes can have big consequences.
What topics should awareness training cover?
- Phishing
- HIPAA
- Password security
- Malware
- Privacy issues
- Clean desk policy
- Inside threats
- Incident reports
- Data in motion
How do I know security awareness training is working?
- More reported incidents means your employees have developed sharper eyes for suspicious activity
- Reported phishing email percentage
- How much incident remediation costs