CISOs should take security training seriously

Security awareness training is pivotal to your organization’s information security posture, and, now, it’s more important than ever before.

In many ways, security awareness training exemplifies the way information security is seen and tackled by senior management.

A once-a-year, classroom-based approach may be traditional, with security updates and warnings posted on walls and the intranet, but it is also a sign of a tick-box, compliance-driven approach to security. It is often done to appease industry regulators, PCI and data protection authorities, and the training can offer relatively basic – arguably condescending – advice.

But times are changing. The threat landscape is growing with the arrival of millions of mobiles and wearables, each with its own IP address, while organized crime and nation-state APT groups are looking at new ways of compromising victims. From exploit kits and Trojans to ransomware, phishing and social engineering scams – the criminal game has moved on.
