• Technika
  • Elektrické zařízení
  • Materiálový průmysl
  • Digitální život
  • Zásady ochrany osobních údajů
  • Ó jméno
Umístění: Domov / Technika / How to Build a Security Awareness Training Program - Security Boulevard

How to Build a Security Awareness Training Program - Security Boulevard

techserving |
2235

With increased digitization of everything post-pandemic, cybersecurity has become a top concern for global CEOs with almost half planning to increase cybersecurity investment by 9%, according to PwC. Since 85% of breaches involve human error, throwing more money at the problem by buying the latest cybersecurity technology may hit a point of diminishing returns. At its core, cybersecurity isn’t just a technical problem, it’s a human problem. Organizations need more than technology—they need employees as both their first and last line of defense; employees who embrace security awareness and who identify, avoid and flag activities and items that are of a suspicious nature.

Where Security Awareness Programs Fall Short

It can be argued that businesses are increasingly investing in cybersecurity awareness, yet cyberattacks continue to rise by triple digits. The reality is that security awareness is multidimensional;blending education, upskilling and communications. Security awareness has become a check-the-box set of activities for many organizations, but what we really want is security-minded people—those who don’t just recite policies but who integrate security into their daily lives.

Foundational Components Of A Security Awareness Program

How to Build a Security Awareness Training Program - Security Boulevard

The phrase security awareness is built on an inherent (and incorrect) assumption. It assumes that just telling employees about the existence of cyberthreats will suddenly lead to an enlightened workforce. For any security awareness program to be successful, it should include the following foundational elements:

Passion for people: It’s important we acknowledge that the leader of this program should be people-oriented. They need to see people as the solution, not the problem. If the leader is biased against users, they’ll likely subvert the entire program. Program owners need to garner buy-in from upper management because such support has significant impact on communicating key messages across the organization.

Well-thought-out communications strategy: When it comes to security awareness, it’s obvious there’s a communication component because, depending on the audience, role or team, people can perceive messages in different ways based on how they receive them, the tool used to deliver the message and other factors like employment background, experience and culture.