Intelligent CIO North America Issue 12 | Page 83

FINAL WORD
downloading a file without taking the time to determine whether or not it is legitimate.
Careless and negligent behaviors can have a lasting effect on organizations, especially in the case of a data breach. And with more employees working from home, unable to walk over to a co-worker’s desk to get their thoughts on a suspicious-looking email, these individuals are more likely to be susceptible to social engineering attacks.
With this in mind, it is more important than ever that CISOs prioritize their employees’ cybersecurity awareness to help them understand the role they play in keeping networks secure and reducing the insider threat risk.
Creating a human firewall through a culture of security
Considering employees can be the best line of defense, it is crucial that CISOs protect their organizations by including employee education and awareness in their cybersecurity strategy. By embracing this technique, leaders can ensure the workforce is prepared to face the various threats.
Regardless of job titles or roles, all employees should understand the repercussions of a security event and how it could affect the organization and them personally. The importance of this enterprise-wide strategic approach was highlighted in a 2019 Forbes Insights survey of over 200 CISOs. When asked which security initiatives they plan to prioritize in terms of funding over the next five years, 16% of respondents noted the creation of a culture of security.
While this is a step in the right direction, establishing a baseline for good cyberhygiene must begin with CISOs helping their employees take cybersecurity seriously. This can be achieved in the following ways:
1. Prioritize cyber awareness training
Social engineering attacks are extremely prevalent across organizations simply because they work. In fact, Verizon’s 2019 Data Breach Investigations Report (DBIR) found that approximately one-third of all data breaches involved phishing in one way or another. To combat this risk, CISOs must educate their employees about common attacks that could appear in the form of phishing, spear phishing, smishing, or other tech support scams.
Whether these lessons are provided through online meeting spaces, video chat, or email, they should be prioritized. Understanding these threats and their associated red flags will be critical in helping employees avoid falling victim to fake emails or malicious websites.
In addition to teaching about common indicators of cyber-scams (i.e., the promotion of ‘free’ deals), these training offerings should also feature simulated phishing exercises designed to test knowledge and determine which employees might need more assistance. Through tactics such as these, employees will be better equipped to know when they are