infosec

Mind The Gap: Cybersecurity In Corporate Training

Cybersecurity In Corporate Training

Over the years, I have had the opportunity to travel often for my career. Of all the cities I’ve visited, London is one of my favorites. On a recent visit, one thing became overwhelmingly clear; The city aims to build awareness in its citizens and visitors and to change their behaviorsHow so? You have probably seen a version of the famous London Underground sign: MIND THE GAP.

If you aren’t familiar with it, this insignia is displayed at the edge of train platforms to remind passengers of the gap between the walkway and the train car. The purpose of the message is to boost awareness and ultimately, alter passenger behavior. Similarly, this is also the purpose of training in corporations – to increase the awareness of employees, to change their behaviors and increase their safety.

Over the last few decades, companies have reacted to legal and financial threats, as well as safety threats, by building a collection of mandatory training for their personnel. Following the founding of OSHA in the 70’s, we saw a rise in training around safety-related behaviors, both in the field and in the office. In the 80’s, sexual harassment was a hot topic, and even lawyers joined the business of training clients on both the law itself, and the behaviors that were and were not acceptable. Following major ethical lapses and the Enron failure in 2001, corporations set their sights on ethics training. Today, those training topics are the norm, and new topics continue to be added in, such as cultural sensitivity, and improving diversity in the workplace.

These surges in training topics usually follow months or even years of accidents, injuries, lawsuits, and/or bad press. After years of data breaches, data privacy concerns, and the next wave of internet connected devices, cybersecurity has now reached that threshold. Given current risks to data privacy and work product, here is the question:

Why hasn’t cybersecurity awareness training been added to every corporate training program?

If we are aware of the gap, why aren’t we using training to lessen our risk? Look at the list of required training in your own company – you will likely find the classics, but is there anything focused specifically on cybersecurity?  Should you care? The answer is yes because, of course, the gap presents a risk to any business, especially considering following factors.

  • Unawareness
    Awareness is the first step to change. Unfortunately, the majority of people are largely unaware of the cyber risks they face every day at work. Ask the next 10 people you see, “Do you use the cloud at work?” Most will say no. Then ask if they’ve checked Facebook. The answer will be “of course”, but they are missing the fact that Facebook is cloud. What would happen if you called 10 users in your organization and asked for their passwords while masquerading as the Helpdesk? Research shows that a high percentage of people will willingly give you their password without asking for any verification.
  • The Rise of BYOD
    Gartner predicts that in 2017, 90% of organizations will support some aspect of a BYOD (Bring Your Own Device) strategy. As BYOD programs grow and users have more and more company data on their personal devices, employers are losing visibility over data and where it is stored. Additionally, in many countries, privacy laws make it difficult for a company to delete or recover data from an employee’s phone, so companies are losing access and control, as well.

Once aware, employees understand the risks and can adopt behaviors to better protect themselves and their organization’s data. They must limit exposure to risk by knowing what to, and what NOT to do.

Training can enlighten and empower employees, but safe cyber behaviors must be integrated into the culture, “baked in – not bolted on”, as they say. Phishing campaigns and other security initiatives can be included, in order to strengthen the overall training effectiveness. Train your employees from day one – Include cybersecurity training in onboarding, remind them in meetings, re-enforce the positive behaviors and track the risky ones. Build the cultural awareness, and reinforce it with annual refresher training. The cyber train is coming – Mind the gap!

By Ann Steel, Manager –  Enaxis Consulting

Cloud Syndicate

The 'Cloud Syndicate' is a mix of short term guest contributors, curated resources and syndication partners covering a variety of interesting technology related topics.

Contact us for syndication details on how to connect your technology article or news feed to our syndication network.

Long term thought leadership contributors will not show up under the 'Cloud Syndicate' section as they will receive their own custom profile on CloudTweaks.

CONTRIBUTORS

Connecting the Power of IoT

Connecting the Power of IoT

Connection Power I come not to bury Caesar. Nor do I come to bury his estimates. Estimates, attempts based on ...
Cloud-Based or On-Premise ERP Deployment? Find Out

Cloud-Based or On-Premise ERP Deployment? Find Out

ERP Deployment You know how ERP deployment can improve processes within your supply chain, and the things to keep in ...
The Cancer Moonshot: Collaboration Is Key

The Cancer Moonshot: Collaboration Is Key

Cancer Moonshot In his final State of the Union address in January 2016, President Obama announced a new American “moonshot” ...
What’s Next In Cloud And Data Security For 2017?

What’s Next In Cloud And Data Security For 2017?

Cloud and Data Security It has been a tumultuous year in data privacy to say the least – we’ve had ...
Combining IoT Gizmo Kits With Your 3D Printer

Combining IoT Gizmo Kits With Your 3D Printer

IoT and 3D Printing The 3D printer in my cubicle keeps printing name tags without my name and only cube ...
Using Cloud Technology In The Education Industry

Using Cloud Technology In The Education Industry

Education Tech and the Cloud Arguably one of society's most important functions, teaching can still seem antiquated at times. Many ...
Data Science And Machine Learning Jobs Most In-Demand on LinkedIn

Data Science And Machine Learning Jobs Most In-Demand on LinkedIn

Data Science And Machine Learning Jobs Machine Learning Engineers, Data Scientists, and Big Data Engineers rank among the top emerging jobs ...
AI – The Present in the Making

AI – The Present in the Making

I attended the Huawei European Innovation Day recently, and was enthralled by how the new technology is giving rise to industrial revolutions ...
Cloud’s Challenge – Bigger than Twice the Stars in the Milky Way

Cloud’s Challenge – Bigger than Twice the Stars in the Milky Way

There are only 100 Billion stars in the Milky Way. Compare that to the over 200 Billion lines of COBOL ...
jobs

How To Become an AWS Certified Solutions Architect

AWS Certified Solutions Architect AWS launched its certification model to validate knowledge of professionals against ever changing standards of the ...

NEWS

Google classroom

Google to expand cloud infrastructure with new regions, submarine cables

(Reuters) - Alphabet Inc’s Google said on Tuesday it would add five regions and build three new submarine cables as ...
Red Hat global survey finds field services operations bullish on emerging technologies

Red Hat global survey finds field services operations bullish on emerging technologies

Bullish Emerging Technologies For many industries, from transportation to utilities, manufacturing and more, field workers are pivotal to the success ...
IBM shares rise after Barclays double upgrade

IBM shares rise after Barclays double upgrade

(Reuters) - Shares in International Business Machines rose nearly 2 percent on Wednesday, helped by a double-notch upgrade for the ...