First, what is security awareness training? This is training, usually done on a recurring basis, that helps users understand different threats they might be exposed to during their personal and work lives, typically focusing on the digital realm. The goal of the training is to elevate users’ awareness of these threats so they can recognize them before falling victim to them.
So why should your company implement this training? In short, human nature. Without delving in to the psychological, I’ll highlight a few key points:
- humans are creatures of habit
- humans have a natural tendency to want to help
- humans have a natural fear of the unknown or unexpected
A quick example of each:
- reusing passwords across multiple sites/services
- a popular voice phishing (vishing) scam is for a malicious actor to call up a grandparent claiming to be a grandchild who desperately needs a bit of cash to get out of a jam
- popular phishing scams purporting to be the IRS or the FBI threatening legal action if money is not paid immediately
Implementing a training program that regularly teaches users about threats, tests their knowledge and offers additional training when necessary, and is concise will help your company avoid many common threats that technology alone cannot mitigate while not impacting users’ productivity. This article points out why the “human firewall” is more important than ever now: http://bit.ly/35TQZ4j.
If you have questions about implementing security awareness training in your company, contact us here: https://bit.ly/CBTech-contact
Sign up for our monthly Timely Tech Tips: https://bit.ly/CBTech-Tips For weekly tips like these, follow us on Facebook: http://bit.ly/2sCMb30 LinkedIn: http://bit.ly/375e6HB Twitter: http://bit.ly/3ajca0n