This summer, we packaged our knowledge of the security awareness industry into a 20-minute webinar. The resulting Ultimate Guide to a Successful Security Awareness Program (SAP) is now available in full on YouTube.
Here’s a summary of the presentation, straight from the slides.
1. Security Awareness Training Matters
“Why does my organization need security awareness?”
It prepares your human layer of defense against harmful attacks and helps your people know how to respond when those attacks happen.
2. Security Incidents Happen
When authentication processes are misused, bad things happen.
“How do I avoid epic failure?”
Train your users to create strong passwords, and develop a policy that makes it easy for users to comply.
Remember: All it takes is one click to compromise your organization.
“How do I avoid epic failure?”
Implement reliable technical safeguards. Phish your users. Provide supplemental training.
3. The Insider Threat
Your employees (or insiders) are your weakest link. Ninety-seven percent (97%) of them have access to sensitive information.
There are three types of insider threats you need to be aware of: malicious, accidental, and negligent.
Here’s how you can mitigate insider threats in five easy steps:
- Train your employees.
- Implement a strict password & account management plan.
- Perform & track risk assessments.
- Develop an incident response plan.
- Routinely audit access privileges.
Increasing your employees’ understanding & awareness will greatly improve the resilience of your organization.
4. Understanding the Enemy
“If you know the enemy and you know yourself, you need not fear the result of a hundred battles.” — Sun Tzu (quoting a famous proverb)
What is a hacker? “A computer user who knows the technology backward and forward. Sometimes hackers save the day. Other times they use their expertise to illegally break into elaborate systems.” — 1999 guide to technology terms
In other words, hackers are not your enemy; criminal hackers are your enemy. And if criminal hackers are your enemy, social engineering is their weapon of mass destruction.
5. Building the World’s Strongest Program
Your employees also happen to be your strongest link. Here are five ways you can empower them.
- Schedule regular mandatory risk assessments.
- Listen to your employees.
- Adopt an adaptable, continuous learning model.
- Emphasize the importance of reporting incidents.
- Make training and reinforcement personal, engaging, and interesting.
The Ultimate Guide to a Successful Security Awareness Program (SAP)
The text above is made up of talking points. To get the full benefit of the webinar, you need to watch the video embedded at the top of the page. Our Chief Digital Officer, Kayley Melton, has dozens of great insights that supplement the topics listed.
As always, we are here to help you with any of your security awareness needs. Feel free to reach out via our Contact Us page.