Author: Johna Till Johnson, CEO & Founder
The recent success of Ransomware as a Service (RaaS) attacks has thousands of companies facing systematized extortion. The enterprise facing the decision of whether “to pay or not to pay” can usually thank an unaware employee—even a CEO—who fell victim to the oldest cybersecurity ruse, the phishing email.
The best defense against cybersecurity threats is a security-aware culture that permeates the entire organization and which touches anyone on the network—from the board to the lowest intern. For this culture to reach beyond the IT security team, enterprises must implement targeted and sustained security awareness training.
Best-of-the-best security organizations consistently rate security awareness training as a top challenge. Yet when it comes to budgeting, companies often give training short shrift. The training budget and other factors will influence how a company approaches training.
Whether a company develops an in-house security awareness training program or opts to outsource to a third party, the steps must remain the same: assess, plan, develop, implement, monitor and maintain.
If a company lacks the time or manpower needed to implement the above steps, increasingly many third-party companies specialize in customizable training.
You are currently viewing a preview of this content. Nemertes Clients, please log in for full access to all research content. If you are not a client, please click below to purchase access to this research report. We also invite you to become a client.CLIENT LOGIN BECOME A CLIENT