1. Do Nothing

We don’t really do security awareness training and rely on our technical solutions for IT security (firewall, spam filters, intrusion detection, etc.).


 

2. The Break Room

We gather employees for a lunch & learn and show them a slideshow of what to avoid when surfing the Web, in emails from unknown sources, etc. (usually in-house created “death-by-PowerPoint” training).


 

3. The Monthly Security Video

We have employees view incomplete and disjointed security awareness training videos to learn how to keep the network and organization safe and secure. 


 

4. The Phishing Test Approach

We pre-select certain groups of employees, send them a simulated phishing attack, see if they fall prey to the phishing attack, and train them only if they fail. 


 

5. The Human Firewall Approach

We regularly test everyone in the organization and find the percentage of employees who are prone to phishing attacks. Next, we train everyone on all major attack vectors and keep sending simulated phishing attacks to everyone on a very regular basis. 

