• March 28, 2024
  • Catagory

Shore Up Security Training By Shortening it

By : Justin Folkerts

Human error is a threat actor’s best friend, but comprehensive security training can go a long way to reducing the likelihood of a data breach.

Human-related error continues to be the primary cause of successful cloud breaches, and if you think you’re too small to be a target, think again. Small businesses are more likely to experience a data breach incident.

But there are things you can do improve your security posture, and training your employees should be at the top of the list.

Keep training short and focused: The challenge with security training is it’s another task on an employee’s to do list – the trick is to make it short and relevant – rather doing occasional, long sessions, consider doing more frequent, focused security awareness training. Everyone in your company is busy, including your IT staff.
Simulate common threat scenarios: A “micro learning” approach should include simulations of common social engineering attacks such as phishing, which commonly come in form of slick looking emails, but are increasingly phony voice mails created by artificial intelligence (AI) voice generators. These short sprints of security training will help employees learn to recognize and respond to phishing attempts.
Remind your remote workers: Remote work continues to be the norm, which is why it’s critical employees know to secure their devices and information while working from home or on the road – remote workers are a preferred target of hackers and a significant attack surface along with other network endpoints. Security training for remote workers keeps them from becoming complacent and goes hand in hand with mandatory VPNs for accessing sensitive data from beyond the company firewall.
Simplify password management: Passwords are important no matter where employees are working but consider streamlining their management – cumbersome password policies will prompt employees to take shortcuts by reusing the same simple passwords and keeping them handy on a post-it note pasted to their workstation. Having a frequent yet short refresher on password creation will go a long way to safeguarding employee credentials, as will reminding employees to lock their screens when they step away from their workstation.

Security training doesn’t have to be an overwhelming task – breaking it down into smaller sessions can make it more manageable and more effective.