Eze Castle Integration

Hedge IT Blog

Training Your Employees on Information Security Awareness

By Kaleigh Alessandro,
Thursday, July 25th, 2013

You guessed it. It’s Security Week here on Hedge IT! Today, we’re diving into a topic that we’re passionate about – education and awareness.  
 
We’ve told you about the types of threats that can harm a business, the steps you should take in the event of a security incident, and the policies you should create to keep your organization safe. But now it’s time to talk about training your employees to understand each of these.
 
A firm’s security strategy will only work if employees are properly trained on it. Therefore, the importance of providing information security awareness training cannot be overstated. The goal of an awareness program is not merely to educate employees on potential security threats and what they can do to prevent them. A larger goal should be to change the culture of your organization to focus on the importance of security and get buy-in from end users to serve as an added layer of defense against security threats.
 
Once you have buy-in from employees, your focus can turn to ensuring they get the necessary information they need to secure your business. An effective security awareness program should include education on specific threat types, including but not limited to:

  • Malware

  • Trojans

  • Viruses

  • Social engineering

  • Phishing

Another important area to address is the importance of password construction and security. Seems minor? It’s not. Believe it or not, password cracking is remarkably easy, particularly for advanced hackers. And this ‘minor’ step that users take every day could make a significant difference in protecting your firm’s sensitive information. Read more about creating safe and original passwords here.
 
Training materials should also review corporate policies and clearly detail consequences for any suspicious or malicious behavior amongst employees. For your convenience, we’ve compiled a variety of information on various security policies, including:

As far as logistics are concerned, the size and scope of your organization will be a key factor in deciding whether you want to design and implement your own security awareness training or leverage the expertise of a third-party company. Be sure to weigh the pros and cons of each.

PRO to using an outside training company? Your firm saves its time and resources by allowing an experienced firm to implement the training. Materials can also be pulled together and implemented much more quickly.

CON? It will likely be a standard training program and won’t necessarily be tailored to meet the unique needs of your firm.

For additional resources on developing an information security awareness program, visit the National Institute of Standards and Technology (NIST).


Categorized under: Security  Trends We're Seeing 


