Ask any security expert what the most effective way to improve cybersecurity is, and chances are they’ll say “staff training”. Not only is training relatively cheap, but a well drilled workforce that’s vigilant to the latest threats and techniques used by cyber-criminals (such as phishing and social engineering) can go a long way to protecting a business’s sensitive data.
Unfortunately, over the past 20 years cybersecurity training has increasingly been viewed as a tick box exercise, or something to be got out the way once a year for compliance reasons. In many companies, the typical training session amounts to little more than a short video or presentation, followed by a questionnaire and/or Q&A session with the instructor.
While this may ‘tick the training box’ at the board level, it generally fails to engage employees in any meaningful way, leaving them no more informed than before they went in.
Effective cybersecurity training has never been more important
When considered against the backdrop of an increasingly hostile cybersecurity landscape, where dangerous new threats are emerging all the time, the training approach described above is at best, lacklustre and at worst, dangerous.
With data becoming more and more important to businesses everywhere, effective protection is now paramount and the repercussions for those who fail to do so are growing. Reputational damage, loss of customer confidence and major regulatory fines can all prove fatal to a business’s long term prospects, particularly in the current financial climate.
Add to this the fact that many employees are still working remotely, where distractions and the home environment mean their guard is down even further than normal. Businesses need to know they can trust their employees to act appropriately, regardless of where they ar ..
Support the originator by clicking the read the rest link below.
