Page 38 - Cyber Defense eMagazine - December 2017
P. 38
10. Have Them Sign a Security Awareness Agreement
Social engineering is the biggest hammer cyberattackers have. Over 80 percent of
breaches come from within a company. It’s not that employees are evil, they don’t
usually mean harm. Andy jokes, “Stupidity. There’s never a patch for stupidity.” But,
really, he knows all the people at your company are smart—just lacking training.
Training an entire company on cybersecurity is a massive undertaking but will make a
huge difference. Your company should conduct security awareness training and take
users through it. Once they have passed, have them sign an awareness agreement.
The agreement says, more or less, “Okay, we have a web access policy, and I know
what it is. Same for our email access policy, VPN policy, etc.” Then, there really is no
excuse.
Learn more!
The podcast goes into more detail about MDM, the cloud, and other security topics.
Plus, Andy answers the question, “Would you rather be able to see 10 minutes into your
own future or 10 minutes into the future of everybody else?” You can also follow Andy at
andymalone.org and on Twitter @andymalone.
If you’d like to learn more about automating verification of security policy and all the
items we’ve mentioned here, visit www.adaptiva.com/client-health.
About the Author
Bill Bernat, director and technology evangelist at Adaptiva,
has worked in the technology industry for over 25 years.
Before joining the team at Adaptiva, Bill was the web
publisher at OpenText and a technical editor for Penton’s
Streaming Media Magazine. He spent many years as a
programmer and engineering manager for a variety of
organizations including NASA, Union Bank of California, and
Banc of America Securities. For more information, please visit www.adaptiva.com and
follow the company on LinkedIn, Facebook, and Twitter.
38 Cyber Defense eMagazine – December 2017 Edition
Copyright © 2017, Cyber Defense Magazine, All rights reserved worldwide.
