We know that compliance doesn’t necessarily equal security and that training employees is vital to preventing cyber attacks. But a poorly trained worker is the same as one not trained at all, and in too many tech companies, training isn’t exactly exciting or inspiring. As Stu Sjouwerman explores, there are simple-but-effective methods to get everyone on board for security compliance training.
Several high-profile companies this year — Cisco, Microsoft, Mailchimp and most recently Uber — fell victim to social engineering and phishing scams, even though most of these tech companies have the best cybersecurity teams and infrastructure on the planet. The reality is that businesses can deploy all the security tools they want, but human behavior will always remain the weakest link.
Thankfully, there’s a way to manage this. Studies show security awareness training can reduce the susceptibility to phishing, and most cybersecurity regulations mandate organizations to impart some form of security training to employees. That said, we all know that compliance training is often dull and uninspiring. In fact, employees who receive poor training are almost indistinguishable from those who have received no training at all. So how can organizations do better with cybersecurity training? Here are five tips…
