The Cyber Dawn
33 Ways BookCybersecurity Awareness TrainingNational Cybersecurity Awareness Month

Cybersecurity Awareness Training With Impact

Dawn Kristy

Cyber threats are not a done deal. There’s hope, but you have to think.

The Emergency Scenario

The accounting manager is out of the office for a family emergency. The deputy manager receives an email from the CEO to change international bank account details. He does not verify the request with the CEO (he missed the training session on Business Email Compromise, aka Funds Transfer Fraud). Since he does not want to appear to challenge the CEO’s request, he wires $300,000 to a fake bank account. Upon discovery the following week, the funds are gone and cannot be recovered.

People

People circumvent cybersecurity technology causing nine out of ten cyberattacks.

As a business leader or manager, do you know where to begin to strengthen your defenses? First, develop a cybersecurity resilience culture by investing in and empowering your people. A “stronger together” mindset means that your team is aware of the risks and incentivized to fight cybercrime.

Training

What do you recall from an annual video on cyber threats and risk protection? Did it change the way you think or behave?

For me, these videos did not resonate. Fortunately, when I received a phishing email at work, I knew not to click on the attachment and how to report the cyber incident based on my expertise rather than internal training or communications. I wondered why we were not using relatable, memorable stories to get through to people.

Communications

Internal communication is essential to keep your people aware, attentive, engaged, and informed.

You are mistaken if you assume that your employees know about cybercrime through osmosis from news reports.

Scheduling regular, essential communications means that your people are up-to-date on the threat landscape.

It would help if you answered these questions in preparing an incident response plan:

  • Do your employees know who to call if they suspect a cyber incident?
  •  Do your employees know who to ask for help?
  • Do your employees help each other (e.g., if an untrained employee receives a suspicious call, text, or email)?
  • Do your employees fear retribution or embarrassment in a blame and shame culture?

Investments

What are your expectations if your organization is not investing in training or communications?

Denial does not prevent cyber losses; preparation, education, awareness, and engagement help reduce and prevent cyberattacks.

Cybersecurity applies to the Board, C-Suite, Management, IT, and Staff. Everyone in your organization is part of the risk and solution based on their behavior.

We have seen over and over that technology alone is not the solution. Technology coupled with regular, impactful training and communications is the winning solution.

Return on Investment from training your team is priceless.

Takeaways

A budget surplus means an opportunity to improve cybersecurity.

Invest in your people.

Invest in your culture.

There is hope.

Dawn Kristy

I am a nationally recognized thought leader and cyber subject matter expert. I advise clients and executives on how to bridge the gap between IT, business, and communications strategy with difficult cyber, privacy, or emerging risks, I collaborate with experts and clients on risk management, data management, and compliance in various industry verticals, including financial services, healthcare, manufacturing, construction, logistics, law, and federal government contracting.

You May Also Like

Women in CyberSecurity Champion National Cybersecurity Awareness Month

Dawn Kristy

Coffee and Donuts Cyber Chat

Dawn Kristy

Investing 99 Cents May Save Your Business

Dawn Kristy

Leave a Reply