What security awareness training should include?
The vast majority of cyberattacks start with one person making a mistake. Security awareness training is intended to effectively counteract this “human vulnerability”. You can find out what is essential and how we design it in an interview with Alex Faes, our Network & Security Consultant.
Why are security awareness trainings important? – You know by now that you shouldn’t click on any strange links, don’t you?
Alex Faes: “An IT security system is only as strong as its weakest link – and this is not just about technologies and processes, but especially about the human risk factor. Minimizing this potential vulnerability is an essential component of any IT security strategy. Through Social Engineering A strange link quickly becomes an unsuspicious link. Phishing e-mails are by no means the only attack vector that is covered in security awareness training.”
What is the key to success in security awareness training?
Security awareness trainings require the participants’ full attention. Many attacks are aimed at the carelessness of IT users. This is why face-to-face training is often more sustainable than online training, where other activities are often carried out at the same time or the participants are more easily distracted. During training, there should be an atmosphere in which participants do not have to be embarrassed to ask questions.
How do you ensure that employees do not forget what they have learned?
Aha experiences promote awareness sustainably. Really simulated social engineering attacks in advance of security awareness training can create aha experiences. It's not just about knowledge, but about awareness of the topic. Awareness can be raised with practical examples of successful attacks. Security awareness is a permanent learning process in the minds of those affected, which is why refreshers, including pointing out new threats, are very important.
What do resellers themselves have to be able to do or know in order to offer such training successfully?
In addition to didactic skills, customer proximity is extremely important in order to carry out training individually according to the customer's industry, culture and language. The documents and practical examples must be constantly adapted or updated to reflect current cyber risks.
To what extent does offering awareness training lead to further business for resellers?
The speaker can personally demonstrate his competence to the entire workforce. Where else can you get this entry-level opportunity? An IT security system is only as strong as its weakest link - what is the weakest link after the training?
We would be happy to help you answer these and other questions! – Contact Us or find out more about our security offering: