Small and Medium Organizations: Provide employee with awareness training
As technology evolves, cyber threat actors also continue to evolve their attack tactics and techniques. A lack of awareness of cyber threats can lead to cyber incidents. Your organization should focus on creating tailored cyber security training to help users avoid cyber incidents and strengthen the overall cyber security culture in the workplace.
What should my organization include in training programs?
Cyber threat actors take advantage of human error and deception to compromise information systems and assets. For example, cyber threat actors can access devices and information if easily guessed passwords are used for accounts. Or cyber threat actors can compromise your organization’s networks and systems by sending emails that contain malicious links or attachments.
Educating employees about common cyber threats can protect your organization and minimize risks. Your organization should consider addressing topics such as the following examples:
- Creating unique passphrases and complex passwords for all accounts
- Using the Internet and social media safely in the workplace
- Using approved software and mobile applications
- Identifying malicious emails
Recommendations for your organization:
- Invest in cyber security training for employees
- Consider creating a cyber security training policy