What is security awareness training?

  • Strategy used by IT and security professionals to prevent and mitigate user risk
  • Providing cyber security education to your workforce
  • Programs are designed to help users and employees to help understand and prevent information security breaches
  • Training is most often presented in an online or computer  based format.

Why is security awareness training needed?

  • helps to minimize risk thus preventing the loss of PII, IP, money or brand reputation
  • to equip employees with the knowledge they need to combat these threats.
  • what clues to look for that indicate threats, and how to respond when they see them
  • Many employees are unaware of key risk factors relating to data security and privacy.
  • Even seemingly harmless behaviors or small mistakes can have big consequences.

What topics should awareness training cover?

  • Phishing
  • HIPPA
  • Password security
  • Malware
  • Privacy issues
  • Clean desk policy
  • Inside threats
  • Incident reports
  • Data in motion

How do I know security awareness training is working

  • More reported incidents means your employees have developed sharper eyes for suspicious activity
  • Reported phishing email percentage
  • Reported phishing email percentage
  • How much incident remediation costs