Why you must continually educate users about security

1

It would be awesome if everyone was passionate enough about security to be constantly vigilant–but it’s completely unrealistic. As an IT or security admin you have to come to grips with the fact that it’s your job to continually educate users so they know what to watch for:

Everyone knows they’re not supposed to open file attachments or click on links in unsolicited emails, right? At this stage in the game after all those headlines, it’s tempting to assume everyone has gotten the memo. Everyone exercises a healthy dose of cautious skepticism when online. Wrong.

The average user is definitely better educated about security risks and potential threats than he or she was a few years ago, but attackers are agile and prolific. Innovative new exploits and attack vectors emerge all the time and it’s unreasonable to expect users to be invested enough to stay on top of emerging threats on their own or savvy enough to detect and avoid potential attacks.

Spread the Word
Security is a culture—a way of life. It isn’t a tool you can deploy. It isn’t a point in time. You don’t just deploy some software and conduct a user training session to check off some boxes and then you’re done. The cyber criminals aren’t going to stop coming up with new exploits and attacks so you don’t get to stop actively protecting your network and endpoints. That means you have to keep up with security awareness for users, too.

Even users who’ve been taught and understand security best practices are not always on guard. They have their own lives and jobs to worry about, and keeping up with the latest security concerns is simply not on their radar. That’s why it’s imperative that you continuously spread the word.

Some spam or phishing attacks are so poorly constructed that anyone with an IQ higher than a donut should be able to recognize that they’re not legitimate. There are some attacks, however, that are much more sophisticate and extremely convincing. Even some that aren’t completely convincing are still good enough to catch someone off guard. And the attacker just needs one person to have an off-day.

See the full post at the RSA Conference blog: Your Security Posture is Only as Good as Your Security Awareness.

Share.

About Author

I have a passion for technology and gadgets--with a focus on Microsoft and security--and a desire to help others understand how technology can affect or improve their lives. I also love spending time with my wife, 7 kids, 3 dogs, 5 cats, 3 rabbits, 2 ferrets, pot-bellied pig and sulcata tortoise, and I like to think I enjoy reading and golf even though I never find time for either. You can contact me directly at tony@techspective.net. You can contact me directly at tony@techspective.net. For more from me, you can follow me on Twitter, Facebook, Instagram and LinkedIn.

1 Comment

  1. Pingback: The Greatest Cybersecurity Threats are Inside Your Own Walls

Leave A Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.