The Protiviti View  | Insights From Our Experts on Trends, Risks and Opportunities

The Protiviti View

Insights From Our Experts on Trends, Risks and Opportunities
Search

POST

2 mins to read

New IT Security Awareness Learning Library Is Designed to Help Workers Become Frontline Cyber Defenders for Their Employers

Larger Font
2 minutes to read

Taking advantage of a user’s poor security practices is often a critical first step for malicious hackers or other cybercriminals seeking to compromise an organization’s systems and data. More than 80 percent of hacking-related breaches leveraged stolen or weak passwords, according to research for the 2017 Data Breach Investigations Report from Verizon. The report also says that about one in 14 users were duped by a phishing campaign that led them to click on a link or open an attachment that was malicious.

The number of recent and massive data breaches only highlights the critical importance of turning workers into effective frontline cyber defenders for their organizations. Employee training, as a complement to strong technical security controls such as anti-virus, anti-spyware and web filtering technology, can go a long way toward improving an organization’s overall security posture.

However, many businesses fall short when it comes to training their teams. Even companies with high board engagement in cybersecurity can struggle to get messages through to their workers: Our research shows that less than half of these organizations (48 percent) do an excellent job of communicating to employees the need to differentiate between public and sensitive data, and how to handle each type.

Companies often fail to invest adequate resources into developing a formal security awareness program that includes effective educational tools. There is often over-reliance on the IT team to keep the workforce up to date on cyber threats and security best practices. While IT is a logical resource for providing security training, few departments have the time or staff to do this well — or continuously. Also, IT personnel may not be the most effective teachers for employees who are not tech-savvy.

Security Training Based on Real Life

To help workers build foundational knowledge about security risks and best practices, learn that information at a comfortable pace and retain it, and understand their critical role as frontline cyber defenders, businesses need access to training resources that will engage their employees.

With that in mind, Protiviti’s Cybersecurity Solution team, has developed an IT Security Awareness Training Library for businesses to equip their employees with information that will help them keep data and devices secure. The library is the result of years-worth of observations from the practice field, where we have seen patterns of weaknesses and ways that cyber training can be improved.

The three- to five-minute interactive learning modules in our “Security Awareness Series” are designed to provide fast, effective and mobile-friendly training for employees, and to appeal to a broad audience. The video-based modules cover a range of timely information security topics such as:

  • Data security
  • Data privacy
  • Password control policy
  • Social networking
  • Portable device security
  • Spear phishing
  • Ransomware
  • Encryption

We know firsthand from conversations with our clients — and from the news headlines — that the need for effective security training for employees is getting more critical by the day. Workers cannot help to protect the organization’s “crown jewels” if they don’t understand the risks, and how to avoid or respond to them. By making our field experience available to the public in the form of this training library, we hope to be part of solving that problem — and helping businesses become more cyber resilient.

Was this post helpful to you?

Thanks for your feedback!

Subscribe to The Protiviti View Blog

To face the future confidently, you need to be equipped with valuable insights that align with your interests and business goals.

In this Article

Authors

Rick Childs

By Rick Childs

Verified Expert at Protiviti

EXPERTISE

Cal Slemp

By Cal Slemp

Verified Expert at Protiviti

EXPERTISE

No noise.
Just insights.

Subscribe now

Related posts

Article

What is it about

While the return-to-office decision is often framed in a straightforward manner — we believe collaboration, productivity and innovation flourish more...

Article

What is it about

What you need to know: Aging systems, data silos, regulatory pressures and talent gaps complicate enterprise transformation for public utilities....

Article

What is it about

The top priority for healthcare internal auditors this year is cybersecurity, according to a survey by Protiviti and the Association...

Search