What security awareness training should include?
The vast majority of all cyberattacks begin with one person making one mistake. Security awareness training is designed to effectively counteract this “human vulnerability”. Find out what is essential and how we design them in this interview with Alex Faes, our Network & Security Consultant.
Why are security awareness trainings important? – You know that you shouldn’t click on any funny links, don’t you?
Alex Faes: “An IT security system is only as strong as its weakest link – and this is not just about technologies and processes, but in particular about the human risk factor. Minimizing this potential vulnerability is an essential component of any IT security strategy. Social Engineering quickly turns a funny link into an unsuspicious link.Phishing emails are far from the only attack vector covered in security awareness training.”
What is the key to success in security awareness training?
Security awareness training requires the full attention of the participants. In fact, many attacks target the carelessness of IT users. This is why face-to-face training is often more sustainable than online training, where participants are often engaged in other activities on the side or are distracted more quickly. During training, there should be an atmosphere in which participants do not have to be embarrassed to ask questions.
How do you ensure that employees do not forget what they have learned?
Aha experiences promote awareness in the long term. Realistic simulated social engineering attacks in the run-up to security awareness training can create aha experiences. It’s not just about knowledge, it’s about awareness. Awareness can be raised with real-world examples of successful attacks. Security awareness is a permanent learning process in the minds of the people concerned, so refreshers including the identification of ever new threats are very important.
What do resellers themselves need to be able to do or know in order to offer such training successfully?
Apart from didactic skills, customer proximity is extremely important in order to carry out the training individually according to the customer’s industry, culture and language. The documents and practical examples must be permanently adapted or updated to the current cyber risks.
To what extent does offering awareness training lead to further business for resellers?
The speaker can personally demonstrate his expertise to the entire staff. Where else can you get this entry-level opportunity. An IT security system is only as strong as its weakest link – After training, which is now the weakest link?
We will be happy to help you answer these and other questions! – Contact us or learn more about our security offering: