Security awareness training, when provided on a weekly or monthly recurring basis, helps users understand different threats they might be exposed to during their personal and work lives. The training typically focuses on the digital realm, though it might include scams that operate via face-to-face or postal service methods. The goal of the training is to elevate users’ awareness of these threats so they can recognize them before falling victim to them, or at least help them mitigate any damage if they do fall victim.
So why should your company implement this training, and why more often than just once a year or quarter? In short, human nature. Without delving in to the psychological, here are a few key points:
- humans are creatures of habit
- we all have a natural tendency to want to help
- as humans we have a natural fear of the unknown or unexpected
- we all have short memories and shorter attention spans
A great example of why regular training is necessary: a user was selling something on Facebook Marketplace and started a texting conversation with a potential buyer. The potential buyer asked the user to provide a Google authentication code to verify the user was a “trusted account”. The user received a text message from Google with a 6-digit code and provided this code to the potential buyer. The buyer came back and said the code didn’t work and asked the user to provide the code again. At that point the user became suspicious and ended the conversation. Unfortunately, the user had unknowingly bypassed the multi-factor authentication on their Google account by providing that code to the potential buyer.
Implementing a training program that regularly educates users about threats, tests their knowledge, offers additional training when necessary, and is engaging, will help your company avoid many common threats that technology alone cannot mitigate while not impacting users’ productivity. This article points out why security awareness training is more important than ever as phishing attacks are the top avenue for ransomware delivery: http://bit.ly/3IUAdWX.
If you have questions about implementing security awareness training in your company, contact us here: https://bit.ly/CBTech-contact
Sign up for our monthly Timely Tech Tips: https://bit.ly/CBTech-Tips