Why do organizations conduct security awareness training?
The majority of security issues stem from human mistakes and a lack of awareness. That's why cybersecurity awareness training plays a critical role in minimizing serious cybersecurity threats. Key training topics typically include social engineering, phishing attacks, the importance of password management and protection, and various other web, physical and office security issues.
- 80% of cybersecurity risks are related to people's behavior
- This risk can be reduced by 60% just by changing user behavior
- 50% of training should be part of the company's internal policies
What basic employee cybersecurity literacy should contain
Working with emails
- How to recognize fraudulent emails, how to use email safely
- Fraudulent emails, fake email senders
Working with sensitive company content
- Basic security hygiene
- Basic information handling habits
- Pitfalls and risks of online communication
- How to safely use IT systems and Wi-Fi networks
Protection of digital identity
- Passwords, credentials and identity theft
Using passwords on devices
- Basics of password management, how to set passwords correctly and keep them safe
- Password security, including instruction on using strong passwords and avoiding personal passwords
How to handle flash drives and external media
- How to handle external memory disks, hard disks and other media
Importance of backups
- Importance of backups
- Social network account fraud and its impacts, methods for hacking social media accounts
Common types of cyberattacks and fraud
- Common cyberattacks, how to detect a potential cyberattack
- Fraud methods on the internet, social engineering
- Malicious methods on the internet
- Fake websites, how to recognize fraudulent websites, how to use websites safely
- Basic tricks of social engineering
- Phishing awareness, teaching employees how to recognize and deal with potential phishing emails
Digital footprint on the internet
- There is (no) anonymity on the internet