Skip to main content

Cybersecurity Awareness & End User Training

September 18, 2014

You’ve probably seen the news about companies around the world being hacked. These are companies that have millions of dollars invested in technology and have top-notch security professionals at the helm. While organizations invest in IT security infrastructure, many of them lack in the biggest security gap: The User. 

People are trained to perform their jobs in technology, accounting, sales, etc. but lack the basic knowledge of how to protect company data from the outside. You can’t assume that everyone knows the rules, cautions and dangers. Hackers are getting better and better at disguising their methods, it’s not always obvious.

To have an effective security program, individuals need to know what to do when hackers call them, how to identify a hacker’s emails, how to know which software apps are “safe” to download, among other things. Probably most important is what to do when those hacker attempts are identified. 

The White House has declared October National Cybersecurity Awareness Month, stating “the cyberthreat is one of the most serious economic and national security challenges we face as a nation.”  

Attacks can be initiated at any time, notably after company news is released or following a network outage (sometimes by design as in Denial of Service attacks). The messages may be appear to be official company communications or may be spoofed to come from a Corporate Executive. When emails fail, the hacker may discover future “prospects” using other forms of attack such as social engineering.

As increasing amounts of sensitive information flows across the network, new platforms are designed protect that information. However, the best security technology in the world can't help you unless employees understand how to safeguard data and protect company resources.

Security Awareness Training is a critical component in protecting an organization’s most important asset - its data. Training users to identify and avoid risks and make good judgments online are critical elements of network security.

The key to leveraging security awareness training to protect your data isn’t just a one-time blast; it’s a continual learning process. That’s why a well-organized cybersecurity training program includes reinforcements throughout the year like posters, newsletters, videos training, evaluations and videos.

The problem with security awareness programs is that it’s hard to “prove” their success. As with any security countermeasure, success is measured in that nothing happens. Every time an employee does not click on a phishing message, every time they avoid a malicious website, every time they lock their door or computer monitor, every time they refuse to enter private information for questionable purposes, is a security awareness success.

As NCSAM kicks off, I challenge you and your organization's end users to take action on these daily security risks:

  • Keep your computer locked at all times while you’re away from your desk.
  • Learn to recognize a phishing email.
  • Create strong passwords at work and at home.
  • Protect your computer as you would your wallet or purse.
  • Report suspicious emails, phone calls or persons in the building. 

Let’s work together and help combat unwanted threats as a team. If we do this correctly, no news will truly be good news. 

Related Blogs

June 14, 2016

Identity Protection Tips for Your Graduate

College students are five times more likely to become victims of identity theft than any other demographic, according to The Financial Times. Experts ...

See Details

April 26, 2016

Online Surfing Tips for Summer Safety

For many individuals, this summer will be full of fun, enjoying the great outdoors and spending time with friends and family. Oh, and of course many h...

See Details

August 11, 2016

Play it Safe, or Don’t Play at All

Every day, millions of people around the world actively engage in a variety of online gaming activities. In fact, more than 58 percent of all American...

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.


Privacy Policy

Related Insights

October 11, 2017

Security Solutions

Optiv is a market-leading provider of end-to-end cyber security solutions. View our services here.

See Details

September 20, 2017

PCI Compliance

Go beyond the PCI compliance checklist.

See Details

January 31, 2017

Governance, Risk and Compliance

Learn how to mature and optimize your GRC program and technology investments.

See Details

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.

Subscribe

Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cybersecurity Events in your area.