KnowBe4 is the market leading on-demand Internet Security Awareness Training (ISAT) provider that enables enterprises to quickly solve the increasingly urgent security problem of social engineering.
|Scooped by Samantha Bruno|
It might be a hard truth to swallow, but when it comes to online security the biggest risk is often our selves. All the antivirus software and spyware programs in the world can’t protect a system if the end-user isn’t security minded and aware of the threats out there. Like it or not, we are the weakest link.
“People continue to create the greatest risks.” Says online security training expert Stu Sjouwerman. One of the pioneers of internet security awareness training (ISAT), Sjouwerman is a keen advocate of heightening online risk prevention through the training and mentoring of end-users. “Whenever you talk about security vulnerabilities, the discussion always turns to the most direct threat; people.” He says.
The awareness, or lack thereof, of personnel to online risks and security breaches is becoming a major headache for companies and corporations. With virtually all business conducted online these days, a compromise to a network or database can spell absolute disaster for a company.
“People are our greatest asset, but they're also our weakest link when it comes to information security," State of Delaware’s Chief Security officer Elayne Starkey told Healthcare Info Security. Recognizing the importance of internet security awareness training she has implemented an internal security certification program as part of her endeavors to reduce the vulnerability employees present. She provides on-the-job awareness education for information security officers statewide to help minimize data leaks and combat threats such as spear phishing.
M&T Bank’s Senior VP for Information Technology Matthew Speare is in charge of the bank’s information risk program, ensuring the safety of the personal information of millions of customers. He too is convinced of the importance of internet security awareness training. “Whether it’s internal employees or customers,” he said to Healthcare Info Security, “unfortunately, people end up being their own worst enemy, as well as ours.” Accordingly he and his team attempt to change M&T staff’s behavior so they are not scammed into creating fraudulent transactions.
“Traditional once-a-year security awareness training doesn’t hack it anymore.” Notes Stu Sjouwerman, founder of ISAT provider Knowbe4.com. “Today employees are frequently exposed to sophisticated phishing attacks, and your users are now the weak link in your network security. They need to be trained by an expert, and after that training stay on their toes, keeping security top of mind.”
As the methods employed by cybercriminals become evermore devious and inventive, so your staff need to be kept abreast of new developments in online security awareness.