I’ve read what seems like a million articles on how to make security awareness training more effective for remote workers. And honestly, they all seem to say the same thing. Teach employees the basics and give them a list of things they should do to keep your data safe. Almost every article includes the same tips. They say ‘don’t click on unknown links, use strong passwords, don’t access work data over public wireless, always install updates and more.
But if what we’re preaching was really working, we wouldn’t have to keep saying it. Since cyberattacks are still happening, that’s clearly not the case. Now, things are about to shift again. Many employees are moving over the next few months to hybrid work instead of being fully remote. That means new, possibly bad, habits.
We Need New Security Awareness Training
A recent survey by Tessian found 56% of IT leaders believe employees have picked up bad cybersecurity habits since working from home. They say one in three employees think they can get away with riskier behavior when working remotely.
After hours of thought and research, along with having written many articles on this topic myself, I decided that the problem with employees and security awareness training goes deeper than a list of seemingly simple actions.
I came to three conclusions about what we, as a business and cybersecurity community, need to do to actually change things for the positive. They’re different from what you may find elsewhere. And each one is bigger than just one company; they mark a major shift in how we view cybersecurity awareness training and work in general.
Support the originator by clicking the read the rest link below.
