A castle's moat is useless if someone leaves the drawbridge down.
Oftentimes, hackers get you where they know you're the weakest – Your employees.
You spend endless hours and countless resources setting up firewalls, passwords, and monitoring systems. But all these networks and endpoints are built around a business in which individual personnel require a certain level of autonomy in order to function effectively.
This flexibility makes your employees a prime target for hackers. Competent hackers are able to circumvent all your security protocols by going to the employee directly. As scary as this may sound, it is easily preventable with the proper education and training. Knowledge is power, and in this case, knowledge is the final piece of the puzzle to ensure your company’s security.
Your employees handle sensitive information and trade secrets in paper, voice, and electronic formats. Your IT staff manages networks and systems. On a daily basis, your personnel ultimately make decisions that affect both the security and risk profile of your organization. Incorporating security awareness into your training program can mean the difference between your drawbridge being up or down.
While your policies and procedures set forth the appropriate responses and chains of escalation, your staff still need to be continually educated and made aware of these procedures and able to identify suspicious activity as it occurs. Days of downtime in response to a data breach can often be thwarted with the proper training.
Let us work with you to implement an effective training program for both new and existing employees that provides refresher courses, a focus on new employees, and training in ongoing awareness. We use a variety of tested methods to effectively educate your staff based on their skill levels, security clearance, and organizational roles.
We also offer courses and training materials to help your organization meet regulatory and compliance requirements such as PCI-DSS, GLBA, and HIPAA/HITECH. With a focus on employee security and awareness, our curriculum stresses proper security controls in addition to employee responsibilities for ensuring your organization’s security protocols are strictly adhered to.
Our employee security awareness training typically covers the following topics:
Information Security Overview
- Applicability and responsibilities
- Profiles of attackers
- Types of attacks
- Abridged history
- Applicable requirements
- Proper handling of sensitive data
Protected Sensitive Information
- Company confidential information
- Account numbers, cardholder data, social security numbers
- Systems and networks
- Third-party connections
Safe Computing Habits
- Strong passwords
- Email and browsing use
- Remote access
- Removable devices
- Social media
- Understanding attacks
- Identifying behaviors
- Proper responses
- Escalation procedures
Intersec also provides training in a variety of educational formats. You can choose any one or any combination to best suit your needs:
- In-house training by our team of experts
- Materials provided to perform your own in-house training
- Supplemental training materials in various forms, including emails, posters and newsletters
- Remote online training, webinars, etc.