“People are one of the weakest links” in securing technology. 1 Still organizations invest ten to twenty times the amount to secure the equipment and networks 2 than they invest, “ensuring all people [using the technology] understand the organization’s IT security policy, procedures, and practices, [and have] adequate knowledge … to protect the IT resources for which they are responsible.” 3
Security Awareness Training
So, how does a company help people improve their knowledge and lessen their negative impact? The National Institute of Standards and Technology (NIST) recommends implementing a wide-view strategy to get people trained and keep that training up-to-date. NIST’s recommendations 4 for users of technology include the following:
Understand and comply with security policies and procedures
Be appropriately trained in the rules of behavior for the systems and applications to which they have access
Be aware of actions they can take to better protect their organization’s information including proper password usage, reporting suspected incidents or violations of security policy, following rules to avoid social engineering attacks and rules to deter the spread of spam and viruses
Bryley has on-staff training specialists who create Security Awareness Training plans for its clients. The recent shift to dependence on remote-work means implementing an effective cybersecurity program has never been more important, reining in the use of devices and maintaining workflow protocols. Bryley’s experts have decades of experience helping organizations achieve successful cybersecurity programs.
In the Tool Shed
Following are some training tools Bryley recommends to keep users productive and your network secure:
Bryley Knowledge Base is an ever-evolving resource of tech classes covering security awareness, the Microsoft suite, G-Suite and Adobe applications. These are online programs that train people from software basics and skills development to recognizing social engineering tactics. The classes are available as an always-accessible library and as scheduled interactive webinars. Bryley Knowledge Base also has expert teachers for specific training sessions on software use, professional development and technical training. Executing a Bryley Knowledge Base program increases productivity and gives employees earned confidence.
Bryley Password Manager allows organizations to give users secure, single-sign-on access to applications. Bryley Password Manager also verifies users through multi-factor authentication (e.g. via both email and text message). Bryley Password Manager is a robust password manager that also gives admins oversight and prevents users from re-using passwords.
Bryley Dark Web Monitor powerfully alerts managers about a compromise to users’s emails and passwords for sale to the highest bidder — before a breach occurs. This gives administrators the ability to take action to prevent an attack.
Bryley Email Phishing Simulator is an enterprise-class program of simulated phishing attacks. Bryley Phishing Simulator tests employees by staggering the delivery of phishing-like emails, to help users develop vigilant behavior. As each round of simulations are sent out, in concert with the included video training, managers can track as the number of clicks on phishing emails decrease. Reports also show you who needs further training.
Awareness Power to the People
Adopt a strategy for on-going training in the secure use of technology. Bryley has the expertise and tools to train your staff to significantly lessen the risk your organization will suffer an incident. Don’t let your organization be an easy mark for cybercriminals, equip your employees with the tools you need them to have. Security Awareness Training empowers your employees to detect and prevent cyberattacks.
Bryley Systems has been a trusted adviser in securing technology since 1987. If you would like more information about Bryley’s approach to Security Awareness Training, please call 978.562.6077 or email ITExperts@bryley.com.