Define the importance of user technology security education

Reference no: EM132234105

Question: Go through the below discussion and comment in 150 words

Importance of user technology security education within organizations

In the present-day world of information technology, having a strong background in security education and awareness is very important; in fact, it may make the huge difference between an effective, productive individual and one who is the opponent.

This simple and often-stated fact may sound like a buzzword, but a quick look at incident records, such as the famous Target case or the more recent WannaCry massive attack, will show that even with the best technology in place, if the human is not taken good care of, the level of exposure to threats, and the subsequent impact, is way higher than what most would call acceptable.

Advantages Include:

1. Encompassing your information security efforts: In order to be effective, information security must be a corporate-wide effort embraced at all hierarchical levels. Changing your corporate culture to adhere to the new security focus will be a much simpler task if people can understand and relate to the new controls and expected behaviour. For instance, while it may be frustrating to try changing your password and receive a message stating that it does not comply with complexity requirements, your users might be convinced by understanding that using '123456' or 'a2bc3d' as a password is a security risk due to brute force or password guessing attacks.

2. Less time to detect security incidents: Having security-aware users does not always mean fewer incidents, but since they will know what constitutes a security incident and how to report it, detection times will surely be significantly lower, meaning that a significant number of incidents might be prevented, and even the ones that occur will have a better response and, consequently, a reduced impact.

3. Persist in compliance efforts: If your company falls under legislation such as Sarbanes-Oxley 404 or is interested in achieving a security standard like ISO 27001, an awareness program is essential. Your focus should be ensuring that users are aware of security policies, norms, risks, threats and expected behaviour, but awareness training will also provide extensive evidence of compliance efforts and the commitment of the upper management to information security.

Training regularly and implementing a regular security awareness training program is crucial to ensure that you're doing your part to inspire and educate your employees to greater levels of security and awareness. The first step in a successful training program is having a culture of security at your organization, including buy-in from upper management. If the employees see management's focus on creating a secure work environment, that attitude will spread.

Here are five things to think about when training your employees to practice security in the workforce:

1. Physical Security - Are you required to wear badges while on the property? Are there appropriate identification and sign-in procedures at the front desk to monitor individuals who are coming in and out of the facility? Are these processes being followed every time?

2. Password Security - Passwords should be at least 8 characters long and use a variety of upper and lowercase letters, numbers, and special characters. Default passwords should never be used, and passwords should never be shared.

3. Phishing - Train your staff to be wary of phishers and to know what to look for. Make sure they know not to open attachments in emails if they do not know the source. Encourage them not to send confidential information in response to an email claiming that "urgent action is required". Test your employees, train your employees, and make sure you've created an environment where, if in doubt, someone will ask before engaging with an email that may look suspicious.

4. Social Engineering - Social engineering threats are threats based on human vulnerabilities. It's a way attackers manipulate people into giving away confidential information or password/ID combinations, or gain unauthorized access to a facility. Train your employees to operate with a healthy amount of scepticism, and to never give out sensitive information without fully identifying the other person.

5. Malware - Malware, much like phishing, can enter your environment through non-malicious-looking threats such as employees opening emails from unknown sources, using a USB drive that is infected, or going to websites that may be unsafe. Be sure employees are trained to be aware of these kinds of attacks, and practice identifying malware threats.
