Security awareness training, usually done on a recurring basis, helps users understand different threats they might be exposed to during their personal and work lives, typically focusing on the digital realm. The goal of the training is to elevate users’ awareness of these threats so they can recognize them before falling victim to them.
So why should your company implement this training? In short, human nature. Without delving in to the psychological, I’ll highlight a few key points:
- humans are creatures of habit
- we all have a natural tendency to want to help
- as humans we have a natural fear of the unknown or unexpected
A great example of why constant training is necessary: a user was selling something on Facebook Marketplace and started a texting conversation with a potential buyer. The potential buyer asked the user to provide a Google authentication code to verify the user was a “trusted account”. The user received a text message from Google with a 6-digit code and provided that code to the potential buyer. The buyer came back and said the code didn’t work and asked the user to provide the code again. At that point the user became suspicious and ended the conversation. Unfortunately, the user had unthinkingly bypassed the multi-factor authentication on their Google account by providing that code to the potential buyer.
Implementing a training program that regularly teaches users about threats, tests their knowledge, offers additional training when necessary, and is concise, will help your company avoid many common threats that technology alone cannot mitigate while not impacting users’ productivity. This article points out why the “human firewall” is more important than ever now: https://bit.ly/3FC4ch2.
If you have questions about implementing security awareness training in your company, contact us here: https://bit.ly/CBTech-contact
Sign up for our monthly Timely Tech Tips: https://bit.ly/CBTech-Tips