
It’s easy to convince people to consider cybersecurity training. If people don’t know how to recognize breaches or threats, how can you expect them to avoid them, report them or remove them? They won’t be able to.
As I’ve said in the past, a lot of breaches stem from people. From weak passwords to misplaced devices or computers left in public areas, employees are a strong source of attacks. That’s not to say employees are all conspiring to bring the business down, but all of these breaches are reminders that strong technology is only as powerful as the people who use it.
But the question now is: what exactly should employees be trained on? Well, I’ve put together a short list of what needs to be known and some key points on the subject.
First is to recognize the forms of cybersecurity threats. If you want people to spot them, they’re going to need to know what to look for. Fortunately, you don’t need to go into extensive training on the various viruses out there. However, it’s key for people to know the basics.
What you want to highlight is spam, phishing, malware, ransomware, and social engineering.
For these topics, include examples, videos, and tips to prevent these sorts of attacks.
Second is to cover password security. We need passwords for everything these days and it’s important for us to make the password complex rather than easy to crack. Talk about how important passwords are and that they’re the first line of defense.
Third is discussing policies on email, internet, and social media use. Browsing habits can leave companies open to various malicious software if they’re not careful. Talk about why policies are important and why specific rules are placed in them. Better yet, take time to review the current policy you have with your team and discuss changes if needed.
The final key topic is identifying threats and being able to report them. Your staff is going to be your eyes and ears. All the devices they use can contain clues of potential threats. However, if you want employees to put a stop to those threats, you want to train them. Focus the training on what legitimate antivirus warnings look like, what’s considered spam content, and how to be aware of unexplained errors when they occur and what to do with them.
This is only scratching the surface, but giving employees a basic knowledge of these topics can ensure there will be less human error. And even if there is, people will be able to report it and talk about it quickly.