Define the importance of user technology security education

Assignment Help Other Subject
Reference no: EM132234105

Question: Go through the below discussion and comment in 150 words

Importance of user technology security education with in organizations

In this present-day to day world of information technology, having a strong background in security education and awareness is very important, in fact, it may make the huge difference between an effective, productive individual and one who is the opponent.

This simple and overly stated fact possibly will sound like a buzzword, but a quick look at incident records, such as the famous Target case, or the more recent WannaCry massive attack, will show that even with the best technology in place, if the human is not taken good care of, the levels of exposition to threats, and subsequent impact, is way higher than what most would call acceptable.

Advantages Include:

1. Encompassing your information security efforts: In order to be effective, information security must be a corporate wide effort embraced over all hierarchical levels. Changing your corporate culture to adhere to the new security focus will be a much simpler task if people can understand and relate to the new controls and expected behaviour. For instance, while it may be frustrating to try changing your password and receiving a message stating it does not comply with complexity requirements, your users might be convinced by understanding that using ‘123456' or ‘a2bc3d as a password is a security risk due to brute force or password guessing attacks.

2. Less time to detect security incidents: Having security-aware users does not always mean less incidents, but, since they will know what constitutes a security incident and how to report it, detection times will surely be significantly lower, meaning that a significant number of incidents might be prevented, and even the ones that occur will have a better response, and, consequently, a reduced impact.

3. Persist in compliance efforts: If your company falls under legislation such as Sarbanes-Oxley 404 or is interested in achieving a security standard like ISO 27001, an awareness program is essential. Your focus should be ensuring that users are aware of security policies, norms, risk, threats and expected behaviour, but awareness training will also provide extensive evidence of compliance efforts and the commitment of the upper management to information security.

Regularly training and implementing a regular security awareness training program is crucial to ensure that you're doing your part to inspire and educate your employees to greater levels of security and awareness. The first step in a successful training program is having a culture of security at your organization, including buy-in from upper management. If the employees see management's focus on creating a secure work environment, that attitude will spread.

Here are five things to think about when training your employees to practice security in the workforce:

1. Physical Security - Are you required to wear badges while on the property? Are there appropriate identification and sign-in procedures at the front desk to monitor individuals who are coming in and out of the facility? Are these processes being followed every time?

2. Password Security - Passwords should be at least 8 characters long and use a variety of upper and lowercase letters, numbers, and special characters. Default passwords should never be used, and passwords should never be shared.

3. Phishing - Train your staff to be wary phishers and to know what to look for. Make sure they know not to open attachments in emails if they do not know the source. Encourage them to not send confidential information in response to an email claiming that "urgent action is required". Test your employees, train your employees, and make sure you've created an environment where if in doubt, someone will ask before engaging in an email that may look suspicious.

4. Social Engineering - Social engineering threats are threats based on human vulnerabilities. It's a way attacker manipulate people into giving away confidential information, password/ID combinations, or to gain unauthorized access to a facility. Train your employees to operate with a healthy amount of scepticism, and to never give out sensitive information without fully identifying the other person.

5. Malware - Malware, much like phishing, can enter your environment through non-malicious looking threats such as employees opening emails from unknown sources, using a USB drive that is infected, or going to websites that may be unsafe. Be sure employees are trained to be aware of these kinds of attacks, and practice identifying malware threats.

Reference no: EM132234105

Human ecology or the chicago school

List the three theories and theorists for each that are labeled as "human ecology" or the "Chicago school." Describe each theory according to its theorist and MAP the layout o

Describe the structure of the african-american family

How would you describe the structure of the African-American family? Are there problems in that structure? If so what are they and how do you think they should be addressed?

Discuss how these symbols are important to your holiday

Pick two symbols, and briefly discuss how these symbols are important to your holiday, ritual, or tradition. Remember that your focus should be on the two symbols you have c

How will you describe the status of equality

Women have a long history of being considered inferior to men. However, during the middle to the late 20th century, the women's rights movement began to improve the plight o

Data includes precipitation-soil water storage

Using information from 2 locations, Berkeley, California and Terre Haute, Indiana, a comparison of the water balance will be completed between the 2 sites. The data includes p

Why did nibco decide to purchase an erp system

Why did NIBCO decide to purchase an ERP system? Why did it choose a Big Bang approach, rather than the 3-to-5 year plan suggested by the consulting firm? Describe the pros and

How prominent events-necessary to ease international tension

Prominent events like the footbal world cup and other international sporting occasions are necessary in easing international tensions and releasing patriotic emotions in saf

Cartesian coordinates of the anchor

A fisherperson, pulling on the anchor cord, causes a force on the man of F = (40i+20j-50k)N. If the cord is 30m long, determine the Cartesian coordinates of the anchor at A.


Write a Review

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd