What’s the biggest cybersecurity threat your business faces right now? Hopefully, an answer springs to mind, along with a list of the solutions you have in place to keep attackers at bay. But ask yourself this: do your employees know? And if the worst did happen, how confident are you that your workforce would know exactly how to respond?
Cybersecurity education and training is one of the cornerstones of any enterprise security strategy, keeping companies looped in on the latest attack methods and helping employees foster a security-first mindset.
But how receptive are employees to the various training methods, how can training keep up with new advancements such as AI, and where do vendors such as your managed security service provider fit into the mix?
In this special edition of the ITPro Podcast, in association with Proofpoint, Jane and Rory are joined by Kevin Leusing, EMEA chief technologist at Proofpoint. Together, they discuss how firms can best use cybersecurity education and training to protect their workforce against the latest threats.
Highlights
"When a simulation is completed, the employee needs to understand: did they do the right thing? Was it even a simulation? Give them that immediate and timely feedback about what they did, how they performed, and what that looked like. But then continue and follow up with that, give them education materials throughout the year, short training, short articles that aren’t going to take a lot of time, but it keeps that security in the top of their mindset as they continue on."
"With the social engineering attacks that we see, it’s easy for even knowledgeable and very savvy users to fall victim to some of these kinds of threats. So by gamifying it, by making this more of an interactive and more valuable exercise for the employee, the better off they tend to be in solving some of this social engineering and not falling victim to it."
"Just the same way as threats coming into the environment through email or other sources, employees are understanding now the impact [of the fact that] AI is potentially far more risky than some of the inbound threats coming in, because now what we're doing is getting ourselves into a potential data loss situation."
Footnotes
- https://bit.ly/proofpoint-cyber-awareness-kit
- 2024 State of the Phish
- 2024 Voice of the CISO
- Why social engineering is such a problem and how your business can protect itself
- Organisations could soon be using generative AI to prevent phishing attacks
- Nearly half of EMEA data breaches were due to internal blunders in 2023
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
ITPro is a global business technology website providing the latest news, analysis, and business insight for IT decision-makers. Whether it's cyber security, cloud computing, IT infrastructure, or business strategy, we aim to equip leaders with the data they need to make informed IT investments.
For regular updates delivered to your inbox and social feeds, be sure to sign up to our daily newsletter and follow on us LinkedIn and Twitter.