HackDig : Dig high-quality web security articles for hackers

Six Steps to Train Your Users to Fight Cybercrime

2016-04-07 14:45
<p><img alt="Fight cybercrime" src="http://info.phishlabs.com/hubfs/blog-files/Miyagi.jpg" style="width: 363px; float: right;" title="Fight cybercrime" width="363"></p> <p>Stopped in traffic on my commute home it hit me…(not the person texting and driving) but the idea that I’d just been miyagi’d!</p> <p>Every day I have the pleasure of speaking with Information Security leaders across multiple verticals. I learn about the challenges they face and the Security Awareness Programs that they have implemented to foster a security vigilant environment.</p> <p>What I hadn’t realized is that my daily conversations with those in the Information Security space have taught me best practices for coaching users to become a human layer of defense in a security infrastructure. Not everyone has the chance to talk with peers frequently about what is working and what is not, so I’ve curated a set of steps that are easy to follow based on my conversations:</p> <ol> <li>“<strong>By failing to prepare you are preparing to fail”</strong></li> </ol> <p>Create a measurable training plan to keep focus and measure results. Modify the plan when needed based on the results.</p> <ol start="2"> <li><strong>Conduct a baseline</strong> <strong>assessment</strong></li> </ol> <p>Before you start a training plan test your users to establish a starting point so that you are able to measure achievement.</p> <ol start="3"> <li><strong>Scrimmage</strong></li> </ol> <p>Test your users by emulating real life phishing threats so that they are prepared to make game-time decisions when they are targeted with a spear phishing attack. &nbsp;&nbsp;</p> <ol start="4"> <li><strong>Timing is everything</strong></li> </ol> <p>Educate in engaging ways at exact time the user fell for the phishing simulation. Users are more likely to learn in the moment.</p> <ol start="5"> <li><strong>Celebrate Achievements</strong></li> </ol> <p>If a user reports a phishing simulation thank them for making your company a safer place. Everyone appreciates recognition for a job well done.</p> <ol start="6"> <li><strong>Don’t stop when you’re ahead</strong></li> </ol> <p>Continue to train and test even after click rates are down. Even the most savvy users can get of out practice and make a mistake.</p> <p>Follow these steps and <a href="https://www.phishlabs.com/t2-spear-phishing-protection/employee-defense-training/">your employees will be your most effective layer of defense</a>. Let us know what we’ve missed. What has worked for your team to condition users?</p> <p>Get information&nbsp;about <a href="https://www.phishlabs.com/t2-spear-phishing-protection/employee-defense-training/">Employee Defense Training</a> from PhishLabs.</p> <img src="http://track.hubspot.com/__ptq.gif?a=326665&amp;k=14&amp;r=http%3A%2F%2Fblog.phishlabs.com%2Fsix-steps-to-train-your-users-to-fight-cybercrime&amp;bu=http%253A%252F%252Fblog.phishlabs.com&amp;bvt=rss" alt="" width="1" height="1" style="min-height:1px!important;width:1px!important;border-width:0!important;margin-top:0!important;margin-bottom:0!important;margin-right:0!important;margin-left:0!important;padding-top:0!important;padding-bottom:0!important;padding-right:0!important;padding-left:0!important">


Source: emircrebyc-thgif-ot-sresu-ruoy-niart-ot-spets-xis/moc.sbalhsihp.golb

“Six Steps to Train Your Users to Fight Cybercrime”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Tools

Tag Cloud