how to offer security awareness training that works

Want employees to pay attention to security awareness training? Make it accessible, pervasive and targeted to your audience.

There is a reason phishing scams remain popular. Despite the fact most knowledge workers know the risks of clicking on unknown attachments or links, a significant number of them continue to do it. A recent Harris Interactive survey found that 19 percent of U.S. employees working in an office said they had opened an email at work that they suspected could be a scam – and those were just the ones willing to admit it. Chances are, the actual number is higher. Despite this, many security professionals focus on technology and treat user training as an afterthought.

“Most people buy first and train later, but that’s the wrong approach,” said Tom Nelson, an assistant professor who teaches Digital Forensics and Information Assurance at Marshall University and president and principal security consultant of Blackrock Consulting. “A next generation firewall is not going to protect you if a bad guy can get somebody inside to do something for them.”

Here are some tips from their presentation:

Get management buy-in.

With management, stress the dollars and cents of good security. Emphasize the productivity gains attained by reducing security-related downtime as well as the financial losses that can result from data breaches.

Target your security training.

Should you offer the same training to the sales people as you do to mailroom workers? No, said Gardner, noting that training should focus on the specific vulnerabilities faced by different users.

Get management buy-in.

Respect For Your Business

Located centrally we are ideally situated for national coverage. With a committed management structure we provide a quality service in a cost conscious market.
A discreet and well managed guarding service can enhance your business model.

Let us provide the “creative” solution. Alternatively, you may need a high profile uniformed presence. No problem, let us create for you! We can work outsourced as part of your facilities operation or fully integrated into you company structure. Trust us to provide the ultimate security package.

All areas are fully risk assessed pre-contract; armed with a comprehensive analysis of your requirements, you can make an informed choice after our definitive recommendation to move forward in partnership. Our company will plan risk management strategy to maximise loss prevention, implement fraud prevention and integrate venue security within budget to increase business profitability. Our teams work on a round the clock basis to offer the best solution for you. We are well versed and regularly in contact with service providers such as Redcare on our existing contracts.