New IT Security Awareness Learning Library Designed to Help Workers Become Frontline Cyber Defenders for Their Employers

Taking advantage of a user’s poor security practices is often a critical first step for malicious hackers or other cybercriminals seeking to compromise an organization’s systems and data. More than 80 percent of hacking-related breaches leveraged stolen or weak passwords, according to research for the 2017 Data Breach Investigations Report from Verizon. The report also says that about one in 14 users were duped by a phishing campaign that led them to click on a link or open an attachment that was malicious.

The number of recent and massive data breaches only highlights the critical importance of turning workers into effective frontline cyber defenders for their organizations. Employee training, as a complement to strong technical security controls such as anti-virus, anti-spyware and web filtering technology, can go a long way toward improving an organization’s overall security posture.

However, many businesses fall short when it comes to training their teams. Even companies with high board engagement in cybersecurity can struggle to get messages through to their workers: Our research shows that less than half of these organizations (48 percent) do an excellent job of communicating to employees the need to differentiate between public and sensitive data, and how to handle each type.

Companies often fail to invest adequate resources into developing a formal security awareness program that includes effective educational tools. There is often over-reliance on the IT team to keep the workforce up to date on cyber threats and security best practices. While IT is a logical resource for providing security training, few departments have the time or staff to do this well — or continuously. Also, IT personnel may not be the most effective teachers for employees who are not tech-savvy.

Security Training Based on Real Life

To help workers build foundational knowledge about security risks and best practices, learn that information at a comfortable pace and retain it, and understand their critical role as frontline cyber defenders, businesses need access to training resources that will engage their employees.

With that in mind, Protiviti’s Training and Communication Solutions team, in close collaboration with our Technology Consulting Group, has developed an IT Security Awareness Training Library for businesses to equip their employees with information that will help them keep data and devices secure. The library is the result of years-worth of observations from the practice field, where we have seen patterns of weaknesses and ways that cyber training can be improved.

The three- to five-minute interactive learning modules in our “Security Awareness Series” are designed to provide fast, effective and mobile-friendly training for employees, and to appeal to a broad audience. The video-based modules cover a range of timely information security topics such as:

  • Data security
  • Data privacy
  • Password control policy
  • Social networking
  • Portable device security
  • Spear phishing
  • Ransomware
  • Encryption

We know firsthand from conversations with our clients — and from the news headlines — that the need for effective security training for employees is getting more critical by the day. Workers cannot help to protect the organization’s “crown jewels” if they don’t understand the risks, and how to avoid or respond to them. By making our field experience available to the public in the form of this training library, we hope to be part of solving that problem — and helping businesses become more cyber resilient.

Jon Williams, Director in Protiviti’s Training and Communications Practice, contributed to this content.

Cal Slemp

Managing Director
IT Security and Privacy Practice Leader

Richard Childs

Managing Director
Consumer Products and Services Industry Leader

Subscribe to Topics

Are you interested in becoming a #quantum coder? The #quantumcomputing industry is struggling to find talent. Join #ProtivitiTech host @KonstantHacker for a chat about the path to this exciting career with Peter Noell from @ColdQuanta.

In this #ProtivitiTech webinar, we will walk through #security breach case studies we have responded to, break down how attackers targeted and exploited the environments, and how the attacker was able to evade detection or exfiltrate #data. Register now:

In this #ProtivitiTech webinar, hear from panelists that are leading the way in #cybersecurity as they share their experiences on how #genderdiversity plays into the broader #talentgap and the consequences organizations will face if not addressed.

Business continuity and resilience are critical topics in boardrooms and among the C-suite. We have updated our guide to answer key questions, no matter the industry you’re in. Download your copy today.

#ProtivitiTech #businesscontinuity

Identifying #cybersecurity issues and creating #riskmanagement plans can be complex. A #CISO who provides relatable information will help in planning for cybersecurity needs. Read more from #ProtivitiTech Terry Jost and Andy Retrum in @AgendaWeek.

Load More