Intelligent CIO APAC Issue 07 | Page 21

LATEST INTELLIGENCE
It should also be stated that a modern layered security strategy should be grounded and managed in a unified, harmonized and un-siloed environment.
LAYER 1 Security Awareness
You’ve purchased a full complement of the latest and greatest cybersecurity solutions, hired the best cybersecurity team, and patched every vulnerability you could find. On paper, your security posture looks great – until an attacker convinces one of your employees that they’re with IT and talks them into giving up their credentials.
Phishing and other social engineering tactics have a long, successful track record – and the current pace of change in the business world is giving them an even bigger advantage. With an unprecedented number of remote employees using more devices than ever, vulnerable to more attacks than ever, it’s never been more crucial to educate employees about the dangers of attacks that exploit human behavior and curiosity. It will require a top-down culture shift driven by the C-Suite – but when done correctly, Security Awareness initiatives can successfully mitigate the biggest security risk in any organization.
Security Awareness should include:
• Frequent, consistent and ever-evolving employee cybersecurity education
• Routine but unannounced penetration testing, particularly for phishing, downloads and telephone exploits
• Understanding and complying with established procedures, which could include everything from sites to avoid to which sanctioned apps or services to use
• Tiered ramifications for non-compliance
• Using established best practices and training in the real world (e.g., social media)