How does your company train employees to be on the lookout for potential cyber threats?

Joses

With many of these recent data breaches involving stolen credentials and phishing attacks becoming more common and complex, how is your company handling employee education on these topics?

How does your company train employees to be highly alert for phishing attacks or other cyber threats? Which of these tactics do you find to be the most effective?

Looking forward to hearing your thoughts! 🙂

Joses

With your experience in cybersecurity, @kberglund @Agierczak @dotax11 @tburns24 @varAJ @brandonluety what do you think about this topic?

Are there specific types of training or resources that you prefer? Have you used or demoed solutions that you find effective or ineffective?

varAJ

hey Jose— thanks for @'ing me.
KnowBe4 is a great tool we've used for a while now— it provides security awareness training, insider threat training, and regular phishing campaign / testing to keep our users on their toes. Remedial training is built in, so folks who fall for the test phish emails will be assigned a quick 15 minute course as a result.

with that said, Linkedin Learning is a great resource as well. You can create custom learning paths while enabling your team to have access to the full set of courses that LinkedIn has to offer.

besides that, we do have yearly Goals we track for our team and staying current on Cybersecurity and other relevant topics are part of those goals.

Joses

Thank you AJ for providing some great insight! I hadn't heard of KnowBe4 specifically, but I have used products like it before that focus on phishing campaigns. After falling for one phishing test in my previous company, I learned to never make that mistake again. 😅

One of the resources we use is Curricula's Security Awareness Training. I find that it makes the training more enjoyable than just text on a screen, and while it is animated I believe they do a good job of effectively getting their points across.