10 Security Awareness Training Mistakes to Avoid

Dark Reading

Give your cybersecurity culture a boost by adding these to the "don't" column of your cybersecurity awareness training do's and don'ts list

What is Cyber Security Awareness and Why is it Important?

IT Governance

For all the talk of criminal hacking, ransomware infections and the technologies to prevent them, the key to protecting your organisation is cyber security awareness training. The importance of cyber security staff awareness. Cyber security awareness best practices.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Reinventing Security Awareness Training

Data Breach Today

Want to improve how your organization delivers and absorbs security awareness training? Then it comes down to reinventing your approach, including gamification, says Barracuda's Michael Flouton

Gamifying Password Training Shows Security Benefits

Dark Reading

When picking passwords, users often fall back on certain insecure patterns, but good habits can be learned using simple games, a group of researchers find

Cybersecurity Training Agency Breached After Phishing Attack

Adam Levin

The SANS Institute, a company that provides cybersecurity training and certification, announced that a data breach compromised the personally identifiable data of roughly 28,000 records. The post Cybersecurity Training Agency Breached After Phishing Attack appeared first on Adam Levin.

Educating Educators: Microsoft's Tips for Security Awareness Training

Dark Reading

Microsoft's director of security education and awareness shares his approach to helping train employees in defensive practices

3 reasons cyber security training is essential

IT Governance

Organisations are always looking for ways to improve their cyber security defences, but they often overlook the value of enrolling their employees on cyber security training courses. If you want to keep your organisation secure, you need your employees to know what they’re doing. Placing staff on information security training courses will help them understand the mistakes they’re making and teach them to work more effectively. ISO 22301 training courses.

Free Threat Modeling Training

Adam Shostack

Security threat modelingThe current situation is scary and anxiety-provoking, and I can’t do much to fix that. One thing I can do is give people a chance to learn, and so I’m making my Linkedin Learning classes free this week. (I’m

IT 83

Training to Improve Support of Product Security

Data Breach Today

The Forum of Incident Response and Security Teams recently announced the release of new training resources to help organizations build and improve product security incident response teams. Damir "Gaus" Rajnovic of FIRST discusses the global need for these resources

Cyberattacks Are Tailored to Employees. Why Isn't Security Training?

Dark Reading

Consider four factors and behaviors that impact a particular employee's risk, and how security training should take them into account

Risk 46

On Chinese "Spy Trains"

Schneier on Security

Congress is considering legislation that would prevent the world's largest train maker, the Chinese-owned CRRC Corporation, from competing on new contracts in the United States. But another part involves fears about national security. News articles talk about " spy trains ," and the possibility that the train cars might surreptitiously monitor their passengers' faces, movements, conversations or phone calls.

US Cyber Command and Australian IWD to develop shared cyber training range

Security Affairs

US Cyber Command and the Information Warfare Division (IWD) of the Australian Defense Force to develop a virtual cyber training platform. & Australia means we can both evolve our virtual cyber training range. Persistent Cyber Training Environment allows U.S. &

Office 365 Users Targeted By ‘Coronavirus Employee Training’ Phish

Threatpost

Threat actors shift focus from COVID-19 to employee coronavirus training and current events like Black Lives Matter as cyber-attacks continue to rise.

Malware Training Sets: FollowUP

Security Affairs

Since that day I received hundreds of emails from students, researchers and practitioners all around the world asking me questions about how to follow up that research and how to contribute to expanding the training set. Now, if you wish you are able to generate training sets by yourself and to test new algorithms directly into WEKA. I am a computer security scientist with an intensive hacking background.

Why Security Awareness Training Should Be Backed by Security by Design

Dark Reading

Cybersecurity training needs an overhaul, though the training itself is only one small part of how security teams can influence user behavior

Why your IT team needs cyber security training

IT Governance

Organisations often fall into the trap of lumping cyber security together with their other IT functions. Although they are obviously connected – anti-malware, firewalls and a host of other technologies are a core part of cyber security – there is a lot more to it. Cyber Security

Top Cybersecurity Employee Training Programs

eSecurity Planet

Employees are the weakest part of your cybersecurity defenses; here are 9 top security training vendors that can help

Training: Threat Modeling for Security Champions

Adam Shostack

I haven’t talked about it much, but I spent the first few months of the pandemic learning how to deliver effective training in a distributed (online) model. We have a few seats available in an upcoming distributed class, “Threat Modeling for Security Champs.”

What Are the Requirements for CCPA Training? via TeachPrivacy

IG Guru

Check out this great overview about CCPA training from Professor Solove. The post What Are the Requirements for CCPA Training? Business CCPA Education IG News Information Governance information privacy Privacy Security Daniel Solove TeachPrivacy Training

Less Is More: Words Matter in Security Training and Awareness

MediaPro

The post Less Is More: Words Matter in Security Training and Awareness appeared first on MediaPRO. Blog Foundational Security Awareness Thought Leadership cybersecurity engagement phishing security awareness security training

'Culture Eats Policy for Breakfast': Rethinking Security Awareness Training

Dark Reading

What's definitely not working with end-user cybersecurity awareness training - and what you can do about it

6 Security Training Hacks to Increase Cyber IQ Org-Wide

Dark Reading

Move beyond generic, annual security awareness training with these important tips

Regular User Training Most Effective Security Antidote

Dark Reading

Regular training sessions coupled with creation of a "human firewall" remain the most effective protections against social engineering and phishing, he adds Social engineering remains the top vulnerability organizations face because humans remain the easiest way to access networks or databases, says Stu Sjouwerman, Founder and CEO of KnowBe4.

3 Reasons to Train Security Pros to Code

Dark Reading

United Health chief security strategist explains the benefits the organization reaped when it made basic coding training a requirement for security staff

IT 86

Designing Employee Security Awareness Training That Works

eSecurity Planet

The secret to effective employee security awareness training boils down to three things: Train early, often, and explain why

SANS Security Training Firm Hit with Data Breach

Dark Reading

A phishing email allowed an attacker to compromise a SANS employee's email environment, the organization reports

Phishing Campaign Pretends to be Phishing Training Reminder

Adam Levin

A phishing campaign is targeting employees with phony email reminders for cybersecurity and phishing awareness training. . The post Phishing Campaign Pretends to be Phishing Training Reminder appeared first on Adam Levin.

MediaPRO Puts Human Connection First with Launch of Security and Privacy Training Series Paradigm

MediaPro

The post MediaPRO Puts Human Connection First with Launch of Security and Privacy Training Series Paradigm appeared first on MediaPRO.

Gamification is Adding a Spoonful of Sugar to Security Training

Dark Reading

Gamification is becoming popular as companies look for new ways to keep employees from being their largest vulnerability

8 key elements of an effective staff awareness training programme

IT Governance

Information security professionals invariably spend most of their time and resources developing measures to prevent crooks breaking into their systems, but did you know that the majority of data breaches are caused by an employee misplacing, stealing or being tricked into handing over sensitive information ? These kinds of incidents thrive because organisations don’t place enough emphasis on security awareness programmes , which reduce the risk of human error and malicious insiders.

55% of Companies Don't Offer Mandatory Security Awareness Training

Dark Reading

Even those that provide employee training do so sparingly, a new study finds

IAPP Offers Training to prepare for CCPA

IG Guru

The post IAPP Offers Training to prepare for CCPA appeared first on IG GURU. Business CCPA Education IG News Information Governance information privacy information security Privacy Record Retention Risk News IAPP Training

GDPR 52

ISO 27001 training in Birmingham

IT Governance

Achieving certification to ISO 27001 demonstrates to existing and potential customers that your organisation has defined and put in place best-practice information security processes. ISO 27001 is the only auditable international standard that defines the requirements of an information security management system (ISMS). Since then, we’ve helped more than 7,000 professionals with their ISO 27001 training on ISMS implementations and audits.

GDPR 60

The effects of phishing awareness training wear off over time

IT Governance

Employees forget the guidance given on phishing training courses within six months, new research has revealed. The findings, which were presented at the USENIX SOUPS security conference in August, were the result of a year-long investigation into the effectiveness of staff awareness training.

Best Cybersecurity Awareness Training for Employees in 2021

eSecurity Planet

Employee cybersecurity training has come a long way in the last few years. Back in the day, security training was largely reserved for IT security specialists and then extended to include IT personnel in general. Top Cybersecurity Training Tools for Employees.

Live Webinar: The Benefits of Building Security Training Employees Want to Take

MediaPro

The post Live Webinar: The Benefits of Building Security Training Employees Want to Take appeared first on MediaPRO.

I Am Not a Soldier, but I Have Been Trained to Kill

WIRED Threat Level

Backchannel Security Security / National SecurityA sprawling tactical industry is teaching American civilians how to fight like Special Ops forces. By preparing for violence at home, are they calling it into being?

IT 110

Information security and compliance training for the healthcare sector

IT Governance

To address the rising threat of data breaches across all sectors, new compliance requirements which aim to harmonise and improve data security practices. and healthcare must address the new DSP (Data Security and Protection) Toolkit. Providing adequate levels of training to staff is vital to address the practicalities of information security and avoid the risk of non-compliance. ISO 27001 training. Healthcare Training GDPR Information security

Security Training and Awareness: The Missing Piece of Your Insider Threat Program

MediaPro

The post Security Training and Awareness: The Missing Piece of Your Insider Threat Program appeared first on MediaPRO. Blog Foundational Security Awareness Thought Leadership incident reporting insider threats security awareness security training

How Behavioral Data Shaped a Security Training Makeover

Dark Reading

A new program leveraged behavioral data of employees to determine when they excelled at security and where they needed improvement