Understand that security awareness is not all about technology, it’s about human element, too.
Humans made mistake —there’s not a single person alive who never make a mistake. Mistakes can help employees grown and learn. Yet, human mistakes are far too often overlooked with cybersecurity in business. Security Awareness Training can help your employees potentially lessen their mistakes.
Human error is the main cause of 95% of cyber security breaches. In other words, if human error was somehow eliminated entirely, 19 out of 20 cyber breaches may not have taken place at all! (IBM)
But, let’s start with the Security Awareness Training, it should cover the Human element. And the person conducting the training should be a people person, which contradicts the what most think of the tech department. Sometimes the business will need to explore outside of the IT department to conduct the training.
Cybersecurity should be taken into consideration with every decision and action, and end-users will actively look out for and discuss security issues as they encounter them.
Simple human elements that can be changed easily:
- Public wifi hotspots are not to be trusted — 45% of workers in the US believe that public WiFi is safe when they are in a trusted location (Proofpoint 2020 User Risk Report)
- Do NOT share you work-issued or computer used for work with others – 50% of respondents admitted to allowing family or friends to use their work-issued device (Proofpoint 2020 User Risk Report).
- Train on regular basis, make sure the c-suite is a role model, for cybersecurity guidelines – 58% of respondents said that employees ignored policies and guidelines surrounding cybersecurity (Netwrix 2020 Cyber Threats Report)
RSA 2021 theme, ‘Human Element‘. RSA explains: “With all the new technologies, strategies and artificial intelligence being employed by both security pros and threat actors, one thing remains constant: us. We are the Human Element within cybersecurity.
Humans do not have to be your weakest link!