Page 83 - index
P. 83
Results are Measurable
Even the best internal programs stumble in one key area: measurement. If you can't accurately
measure and analyze results, you have no way of knowing:
• How the company is improving overall in its security awareness
• How individuals are changing their behaviors
• Which employees are still the weakest link from a security perspective and need to be
enrolled in follow-up training programs.
• Where the company is still most vulnerable in terms of type of attack (email, bad URLs,
smartphones, physical security, etc.)
Reporting capabilities from an outsourced partner provide both aggregate and individual data to
gauge effectiveness, guide follow-up training programs and show improved results over time.
Each day you put off implementing a security education program is a day when your company is
vulnerable to all types of cyber attacks. Training programs available from a trusted partner can
be rolled out companywide immediately, so as new threats become known, training is
available.
Effective Training is Outsourced Training
To be effective, security training needs to be more than a simple PowerPoint that warns people
of the dangers facing them or an email blast with the same message that goes unopened. A
comprehensive security education program includes:
• Broad assessments, which provide baseline information about employee knowledge on
several cyber security threat vectors and helps the security officer prioritize the training
rollout.
• Mock attacks, which allow companies to assess employees' initial susceptibility to
schemes such as phishing and malware, and provide motivation for employees to
complete training. Mock attacks can lead to training completion rates as high as 90
percent.
• Short, interactive training modules, that cover a variety of cyber threats, designed to
show employees what the threats are, how to best avoid different types of attacks, and
an opportunity to practice what they’ve been taught. This can help to ensure the right
employee behavior when they are faced with real attacks.
83 Cyber Warnings E-Magazine – July 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
