CISOs should take security training seriously

Security awareness training is pivotal to your organization’s information security posture, and, now, it’s more important than ever before.

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

In many ways, security awareness training exemplifies the way information security is seen and tackled by senior management.

A once-a-year, classroom-based approach may be traditional, with security updates and warnings posted on walls and the Intranet, but it is also a sign of a tick-box, compliance-driven approach to security. It is often done to appease industry regulators, PCI and data protection authorities, and the training can offer relatively basic – arguably condescending- advice.

But times are changing. The threat landscape is growing with the arrival of millions of mobiles and wearables, each with their own IP address, while organized crime and nation-state APT groups are looking at new ways of compromising victims. From exploit kits and Trojans to ransomware, phishing and social engineering scams – the criminal game has moved on.

To continue reading this article register now

Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.