Scott Youngs, CIO of Key Information Systems, and I spoke about how everyone in your company needs cybersecurity training. And not just an annual refresher either. Everyone needs continuous training and feedback on that training to maintain vigilance and awareness of actual threats to corporate security.
Scott and I suggest keeping security in front of everyone with a multi-phase approach:
- Formal training (Classroom, scenario, webinar)
- Email reminders
- Informal training (Signage, policies)
- Involvement (Discussions)
Employees can fall prey to phishing and social engineering schemes, even if they’ve just gone through training. Regular scenario-based training works quite well to keep employees safe and your network secure. We understand that security training and vigilance requires dedication and resource commitment. We’re not unsympathetic to the resources required. There are a lot of free and unobtrusive things you can do to maintain a secure environment. There’s plenty of free training and information available to you.
One final point that Scott made and I repeated in the podcast is that you have to customize security training for your employees. For example, retail employees have different security training needs than manufacturing employees do. Similarly, C-level employees have different security training needs than IT department employees do.
Key Information Systems covers Southern California but also has clients in other regions as well. If you require assistance for your security needs, please go to keyinfo.com and select a Contact Us link to engage their capable staff.
Length: 18:36 minutes. Format: MP3. Rating: G.
Copyright 2017 The SecurityNOW Podcast Show. License: CC BY.