+44 (0) 3333 445 286 [email protected]

Subtotal: £0.00

No products in the basket.

Cybersecurity training in many organisations is seen as chore, a tick box exercise that needs to be done when we get time, maybe next week. Or it’s mandatory, regardless of the deadlines you face, but mostly irrelevant to your role or to risks the organisation faces. Yet, in today’s world of highly sophisticated data breaches, does all this training actually make a difference?
Firstly cyber security training is a bit like studying history; every month that goes by adds another month to the pool of history to possibly learn. There is no end to the subject matter because it is constantly evolving. Secondly, when teaching any subject, if the students are not interested, then given the limited amount of time available, they are unlikely to learn anything or already know what you are teaching and resent having to go through the process. Lastly, the security technologies in place does most of the work, protecting users from 99.9% of threats, so the odds are low that a user’s choices will make any difference.

That all said, the number of threats we are facing is an insanely large number, and the remaining 0.1% is still a stupidly large number. According to the latest McAfee Labs Threats Report, they have over 774 million malware samples, leaving you potentially unprotected against a three quarters of a million threats. Many of these threats start with social engineering to get a foot in the door, which technology is not very good at stopping, but education is. Focusing your cyber security training to address the gaps targeted by social engineering will definitely make a difference, if combined with basic phishing awareness. Also a better understanding your business processes and the correct steps and checks will also help users to identify any erroneous requests from cyber criminals. Measuring the effectiveness of the training and all the near misses that it has stopped is very difficult though, but it is still a lot cheaper than the fallout from a major cyber infection.

Read more practical, no-nonsense advice in Nick Ioannou’s book, A Practical Guide to Cyber Security for Small Businesses.

About the Author:

Nick Ioannou is an IT professional, blogger, author and public speaker on cloud and security issues, with over 20 years’ corporate experience, including 15 years using cloud/hosted software as a service (SaaS) systems.

He started blogging in 2012 on free IT resources (http://nick-ioannou.com) currently with over 400+ posts. Author of Internet Security Fundamentals, contributing author of two books Managing Cybersecurity Risk and the recently published Conquer The Web.

More free security advice and resources and information on how to contact Nick can be found at www.booleanlogical.com