In the latest episode of Security Sessions, CSO Editor-in-Chief Joan Goodchild speaks with Bill Rosenthal, CEO of Logical Operations, about what's missing from many of the security awareness training programs that enterprises deploy (if they run them at all).
As more companies face the realities of cybercrime, malware, and data breaches, many of them are turning to security awareness training programs to keep their employees from becoming the next victim of an attack. But a lot of these programs are ineffective: employees get a “read this email, watch this video” program, and the CSO gets a “box to check off.”
In the latest episode of Security Sessions, I spoke with Bill Rosenthal, CEO of Logical Operations, about the lack of effective security awareness programs at companies.
Among the highlights of the video above are the following sections:
- 1:14 The current state of security awareness training at companies.
- 2:49 What will it take to get more companies on board with security awareness training?
- 3:51 Why don’t end users follow cyber-security policies? How can IT engage them more?
- 5:37 Why going beyond self-assessment training is needed for most companies.
- 7:20 Figuring out different training for different employee roles.
- 8:54 Advice for security executives on improving engagement with end users beyond the weekly security email.
Read the article on CSO's website: http://www.csoonline.com/article/3112008/security/how-can-we-improve-awareness-training.html.
To learn more about how to help your employees recognize security risks in order to protect themselves and your organization from cyber threats, visit www.cybersafecertified.com.
If you'd like to learn more about how to prepare your IT teams to defend your organization's network, visit www.cfrcertified.com.