Cyber threat has been a major concern in IT world today. Recent data breach in many companies like Chase, Home depot, Target has already proved that companies need to build their IT security strong enough to avoid any further damage. Threat can come from anywhere, it may come from within an organization or outside the organization. But when threat comes from inside the organization, it is most dangerous since the employees are quite familiar with the infrastructure of an organization. Most of the time when the threat comes from inside the organization it is either from accident or uninformed employees.
Many in organization who are not informed about the security threat often visit websites infected with malware, responding to phishing e-mails, storing their login information in an unsecured location or even giving out sensitive information over the phone when exposed to social engineering (sans.org). This can expose to major security threat to the organization. Important information can leak. One of the best ways to avoid these kinds of threat is providing with security awareness training to company employees. Organization can institute company-wide security awareness training initiatives like formal classroom style, seminars, discussion group, regular emails or posters in the break room. This will help ensure employees have a solid understanding of company security policy, procedure and best practices (sans.org)
Below are two You Tube videos that provide the importance of Information security awareness.
Source:
Sans (n.d.). The importance of Security Awareness training. Retrieved from URL: http://www.sans.org/reading-
Sayes, A (Mar, 2012). Physical & Information Security Awareness. Retrieved from URL: https://www.youtube.com/watch?
Anonymous (Feb,2013). IT Security Awareness Week. Retrieved from URL: https://www.youtube.com/watch?
No comments:
Post a Comment