People are the strongest link in the cyber security chain – when you have the right people in your team, of course. But how do you make sure that your team is well-aware of and well-educated about the various attack vectors and methods cyber criminals use, so your team remains vigilant? Meet cyber security training. It’s time to stop calling humans the weakest link in the security chain and enhance their skills to turn them into real cyber defenders.
In this episode of our Thought Leadership series, Ivan Rivic, CISO at DataStore, shares with us why employee security training and awareness should be seen as a top priority in the fight against cybercrime.
Table of Contents
The costs of cybersecurity failure constantly increase. Is this trend to continue and what is your number one advice that companies should follow to adequately protect their business?
It is undeniable that the cost of cybersecurity incidents will increase. My advice is that companies must constantly work on employees’ awareness and education about security threats and keep up with new technologies.
Most companies perform, in some ways, security awareness for their employees. Those education programs need to be periodically (minimum once per year). Their goal should be to remind employees about the importance of protecting their information assets. Another education needs to be performed and now the target audience is internal IT specialists. They need to learn baselines on how to harden and protect their systems against malicious attackers.
The human element plays a central part in most cybersecurity incidents. To which extent do you consider that people are most often the problem?
Human weaknesses are the problem and that can be seen from the way how hackers are trying to direct most attacks, ie. using the fact that people are not educated enough, that they are hasty and reckless in their actions. Statistics show that over 50% of attack vectors aim for human weaknesses. In those cases, vectors of attacks are mostly phishing, spear phishing, scams, weak passwords, etc.
What are the biggest obstacles that prevent organizations from making employee training and awareness a top priority?
From my point of view, the biggest obstacle is awareness of management about threats that come from the cyber world. There are many companies with management not willing to invest in education or IT infrastructure because they think that cyber incidents are something that happens to others and they are not interesting to some random hackers – unfortunately, that is so wrong. At some point in time, they found it out in a rough way, and it always has a large business impact.
Move your cybersecurity career forward in 2022
When your employees have cyber security training, the human error will eventually decrease, and your staff will learn to spot potential threats and report any incoming incidents in a timely manner. As a result, operational disruptions can be avoided, and security personnel can isolate risks before they get out of control. Quality security training reduces the uncertainty associated with typical digital threats, resulting in a workforce that is more skilled and educated. Furthermore, better cybersecurity practices arise from quality security training, which leads to improved compliance with current security standards and frameworks.
Are you or your team planning to boost your cyber security skillset in 2022? Get practical cybersecurity training at Swiss Cyber Institute. The structure of our training programs is developed by globally recognized cyber security academics and professionals, with a lot of practice-oriented case studies and cyber incident challenges.
Check out the Cyber Security Specialist course with the Swiss Federal Diploma. This course will equip you with a comprehensive understanding of how to protect systems, applications, and data from cyber-attacks and thus minimize damage to assets and people.