More than 101 – training employees to close your biggest security gap.
Your Challenge
- More than 50% of enterprise security breaches derive from employees acting out of ignorance or error. These problems can be addressed with effective security awareness training.
- Security awareness training must cover many topics and can take many forms; understanding what to teach and how to teach it complicates the process and impedes the efforts of many enterprises.
- Training itself is only half the battle: testing is essential to demonstrating that training is effective.
Our Advice
Critical Insight
Once-a-year security training and testing, although popular, is one of the least effective security training paradigms. Frequent “microtraining” combined with ongoing testing yields greater uptake and a more secure environment.
Impact and Result
Upon completion of the work outlined in this Solution Set, you will have established enterprise training needs, determined appropriate delivery mechanisms, and implemented an appropriate enterprise security awareness training and testing program.
Get to Action
1. Understand security training and develop a training program.
A security-aware workforce that can protect enterprise resources.
- Storyboard: Build an Enterprise IT Security Training Program
- Building an Enterprise IT Security Training Program
2. Define the parameters of a training program.
Documentation of the factors driving the security training program.
- Establishing Training Parameters Template
3. Baseline enterprise training needs.
Guidance on training topics and delivery mechanisms.
- IT Security Training Tool