<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=699785206826853&amp;ev=PageView&amp;noscript=1">

Creating a Cyber Security Training Culture in the Workplace

Posted by Philip Adikes on Jul 28, 2017 1:58:34 PM

In the last couple of years, we have seen several large data breaches make headlines. These breaches come from all different sizes and industries, but many have two things in common: they come from human error and they could have been avoided. To the general public it may seem as if these attacks come from weak network security which allowed someone to access an SQL server.The fault does not fall on systems administration. Hackers know that these attacks come from untrained imployees. Simple improvements in cyber security training can go a long way in protecting your employees from cyber attacks. A strong, security-oriented culture in the workplace can replace the need for security professionals with certification training. If every employee could contribute a little bit to threat identifiaction, the organization as a whole will have benefits similar to having internal security professionals. Culture changes can prevent embarassing press releases in the future regarding data breaches.

We have all encountered cyberthreats in many forms. Often we see a phishing email and think to ourselves "who would even fall for that?". Even though most people have the knowledge and skills to identify cyber attacks, the truth is that many people do fall for them and that is the reason phishing remains the most common cyber attack. Consider organizations with hundreds or thousands of employees. It is very likely that someone will fall victim to an attack at some point.

One recurring theme with breaches is that they are often not discovered until months later. Oftentimes they go noticed, but not reported. This is largely due to the embarassment that comes along with being the victim of an attack. Part of information security and cybersecurity training is quick reporting to prevent damages from spreading. One large step towards a successful cybersecurity culture is getting in the routine of communication. If employees spot a phishing attack, encourage them to point them out and be vocal about them. This way, when an attack is identified by one employee it will become general knowledge by communication. If someone identifies an attack and tells nobody, it does not benefit anyone else. With increased communication, employees who aren't as able to identify attacks will pick up on commonalities in attacks and sharpen their identification skills. Let employees be the main form of threat detection in an organization. Train employees to make a habit out of asking the IT department for help when they have any doubt about an email's legitimacy. This behavior is will greatly improve system security and should be rewarded. Successful attacks may compromise your information or even control systems, which could be prevented with team training.

To most immediately increase an employee's ability to recognize attacks, organizations should consider security awareness training solutions to develop cybersecurity skills. For example, securable offers 200+ educational modules in their training platform that are very quick and effective in their training. They do not intrude in productivity and could potentially save millions in costs associated with data breaches. Training centers now live online, and yearly seminars with a speaker are no longer required. Requiring employees to allocate just a couple of minutes per month towards their cyber security training can definitely go a long way.

Increasing cyber defense through online training can contribute greatly towards risk management in an organization. Cyebrcrime is often identified as a leader in risk, and human error is identified as the largest culprit of successful cyberthreats, so human error is a large contributor to risk in an organization. To boost risk management efforts in the workplace, organizations need to invest in their people through online training. Many times management invests in network security as an attempt to simply purchase protection. While they seek fast solutions, the proper solution takes time through education and training of employees. These investments will decrease potential loss in event of an attack and pay for themselves many times over. In order to adequately invest in the employees of an organization, management needs to make sure that the employees are willing to be trained in this manner. Assigning longand mandatory security certification exam may not be perceived well by most employees. Many may be reluctant to implement any training at all, thinking they do not need it. It may require an external penetration test in order to convince management that there are great holes and vulnerabilities. A hiring ethical hackers to perform a penetration test will very clearly provide threat detection for an organization and make recommendations moving forward. Cyber defense is built off of education and training which contribute towards a strong cybersecurity culture.

While security awareness training solutions are very effective, there is a lot that managers can do to increase awareness without making any monetary investment at all. There is no need to hire someone ethical hackers with cyber security certifications or a CEH certification or other types of system security experts. As mentioned above, conversation can go a long way, and managers can spark the conversation by attaching quick tips on internal emails. These tips can include any aspect of cybersecurity training., from passwords to public wifi usage. There are several free resources online regarding implementable tips. There are many free phishing quizzes online. One could be emailed out with a small prize for whoever scores the highest. Making security a fun daily topic will get employees in the proper mindset


Read More

Topics: Cybersecurity, digital footprint, Human Firewall, Cybersecurity Companies, cyber security training, cyber awareness training, Employee security, IT Security, Social Engineering Toolkit, Security Training, security awareness training

Cyber Risk Questions Your Board Needs To Be Asking

Posted by John Cook on Jun 28, 2017 10:30:00 AM

 

Read More

Topics: Cybersecurity, digital footprint, Human Firewall, cyber security training, cyber awareness training, Employee security, IT Security, Social Engineering Toolkit, Security Training, security awareness training

What is Petya Ransomware?

Posted by Philip Adikes on Jun 27, 2017 2:31:15 PM

Just a few weeks after the WannaCry Ransomware infected over 300,000 systems across the world, a new ransomware attack is underway and has already affected major companies in several different countries. The ransomware has been able to spread quickly, using the same SMBv1 vulnerability used during the WannaCry attack in early May. 

Read More

Topics: Cybersecurity, digital footprint, Human Firewall, Cybersecurity Companies, cyber security training, cyber awareness training, Employee security, IT Security, Social Engineering Toolkit, Security Training, security awareness training

Onsite Data Storage Security Training [Infographic]

Posted by Dan Kraciun on Jun 23, 2017 9:00:00 AM

Onsite data storage is an important topic for decision makers within organizations. Within the data stored on site can be client and employee information, product information, sensitive IP, and more.

Read More

Topics: Cybersecurity, digital footprint, Human Firewall, cyber security training, cyber awareness training, Employee security, IT Security, Social Engineering Toolkit, Security Training, security awareness training

Top 5 Security Awareness Facts Your Board of Directors Needs to Know

Posted by Ryan Frazer on Jun 21, 2017 10:00:00 AM

 

Read More

Topics: Human Firewall, cyber awareness training, IT Security, Social Engineering Toolkit, Security Training, security awareness training

Hackers are Using Your Phone Number to Steal Your Personal Data

Posted by Philip Adikes on Jun 19, 2017 9:00:00 AM

 

Read More

Topics: Human Firewall, cyber security training, cyber awareness training, IT Security, Social Engineering Toolkit, security awareness training

Personal Device Security [Infographic]

Posted by Ryan Frazer on Jun 16, 2017 9:00:00 AM

We live in a world that becomes more and more interconnected each day. While many benefits come with this interconnectivity, there are also some downsides. Employees often mix their personal life and work life on their mobile devices. Whether they have sensitive company data on their insecure, personal device or details from their personal life including text and email on their company device. 

Read More

Topics: Cybersecurity, digital footprint, Human Firewall, Cybersecurity Companies, cyber security training, cyber awareness training, Employee security, IT Security, Social Engineering Toolkit, Security Training, security awareness training

QR Code Security Awareness [Infographic]

Posted by Stephen Abbey on Jun 14, 2017 11:54:13 AM

 

Read More

Topics: Cybersecurity, Human Firewall, Cybersecurity Companies, cyber security training, cyber awareness training, Employee security, IT Security, Social Engineering Toolkit, Security Training, security awareness training

Slack Security Awareness Training [Infographic]

Posted by Philip Adikes on Jun 12, 2017 9:00:00 AM

 

Read More

Topics: Cybersecurity, digital footprint, Human Firewall, Cybersecurity Companies, cyber security training, cyber awareness training, Employee security, IT Security, Social Engineering Toolkit, Security Training, security awareness training

Responsible Data Practices [Infographic]

Posted by Alex Ghorishi on Jun 9, 2017 9:00:00 AM

 

Read More

Topics: Cybersecurity, digital footprint, Human Firewall, Cybersecurity Companies, cyber security training, cyber awareness training, Employee security, IT Security, Social Engineering Toolkit, Security Training, security awareness training

Wave of Cyber Breaches Calls for Increased Security Awareness Training

Posted by Philip Adikes on Jun 8, 2017 12:23:23 PM

 

Read More

Topics: Cybersecurity, digital footprint, Human Firewall, cyber security training, cyber awareness training, Employee security, IT Security, Social Engineering Toolkit, Security Training, security awareness training

Cyber Awareness Training: SpyWare Beware

Posted by John Cook on Jun 6, 2017 9:00:00 AM

 

Read More

Topics: Cybersecurity, digital footprint, Human Firewall, cyber security training, cyber awareness training, Employee security, IT Security, Social Engineering Toolkit, Security Training, security awareness training

Twitter Security Training Infographic

Posted by Alex Ghorishi on Jun 5, 2017 3:29:36 PM

 

Read More

Topics: Cybersecurity, digital footprint, Human Firewall, Cybersecurity Companies, cyber security training, cyber awareness training, Employee security, IT Security, Social Engineering Toolkit, Security Training, security awareness training

Facebook Security Training Infographic

Posted by Alex Ghorishi on Jun 2, 2017 1:31:24 PM

 

Read More

Topics: Cybersecurity, digital footprint, Human Firewall, Cybersecurity Companies, cyber security training, cyber awareness training, Employee security, IT Security, Social Engineering Toolkit, Security Training, security awareness training

LinkedIn Security Awareness Training Infographic

Posted by Kyle Abbey on Jun 1, 2017 4:30:22 PM

Linkedin Security Awareness Training

Read More

Topics: Cybersecurity, digital footprint, Human Firewall, Cybersecurity Companies, cyber security training, cyber awareness training, Employee security, IT Security, Social Engineering Toolkit, Security Training, security awareness training

OneLogin Password Manager User Data Hacked / Decrypted

Posted by Brad Reynolds on Jun 1, 2017 4:28:07 PM

 

Read More

Topics: Cybersecurity, digital footprint, Human Firewall, Cybersecurity Companies, cyber security training, cyber awareness training, Employee security, IT Security, Social Engineering Toolkit, Security Training

InfoSec Cyber Awareness Update - May 2017

Posted by John Winkler on May 30, 2017 9:00:00 AM

 

May 2017 InfoSec News

Read More

Topics: Cybersecurity, digital footprint, Human Firewall, Cybersecurity Companies, cyber awareness training, Employee security, IT Security, Social Engineering Toolkit, Security Training, security awareness training

Organizations Lacking Security Awareness Training

Posted by Philip Adikes on May 29, 2017 8:30:00 AM

Security Awareness Training - As organizations scramble to implement cyber security strategies after the recent wave of cyber attacks across the globe, many are overwhelmed by all of the tools they can implement for their business. From firewalls, end-point detection systems, antivirus and anti-malware software, and intrusion-prevention systems are just some of the countless options that IT directors can choose from. As businesses put together stronger cyber strategies to protect their organization, cyber criminals are finding new and creative ways to penetrate organizations and breach sensitive data. Using complex social engineering tactics, it is estimated that hackers cause billions of dollars in losses for companies each year.

Read More

Topics: Cybersecurity, digital footprint, Human Firewall, Cybersecurity Companies, cyber security training, cyber awareness training, Employee security, IT Security, Social Engineering Toolkit, Security Training, security awareness training

WannaCry Cyber Awareness Training Infographic

Posted by John Cook on May 23, 2017 8:30:00 AM

     

 

Read More

Topics: Cybersecurity, digital footprint, Human Firewall, Cybersecurity Companies, cyber security training, cyber awareness training, Employee security, IT Security, Social Engineering Toolkit, Security Training, security awareness training

Why Use Cyber Awareness Training in Healthcare

Posted by Keith Hannah on May 19, 2017 9:00:00 AM

 

Read More

Topics: phishing, Cybersecurity, digital footprint, Human Firewall, cyber security training, cyber awareness training, Employee security, IT Security, Social Engineering Toolkit, Security Training, security awareness training