End User Security Training

Hacker Data Breach

End user security training is vital element of any organizations information security efforts. Unfortunately, in todays sputtering protracted economic recovery, consolidated IT departments and ever stretched budgets – it is rare. Most often I’ve seen lip service to the issue and very little action. The results of this inaction is a staff that is a weak link in your security programs. They often are the source of social engineering information leaks, corporate espionage, competitive intelligence and even clever targeted malware attacks. It boggles the mind that more organizations don’t have a required (at least) annual effort to train their employees to act with information security in mind.

In the course of a day as an information security practitioner I see it all. However nothing is so frustrating as the things that can be easily ameliorated. With a little training users wouldn’t write that accounting password on a big yellow sticky note above their desk or click on the questionable link from their long lost Ghanaian relative. They might actually understand the risks to their jobs and that of their organization. Training might make the financial risks of cybercrime real and change their behavior as a result.

In light of the risks I think the investment in end user security training is an intelligent decision that pays for itself again and again. I believe we need to make the risks and repercussions of information security real to the end user and it is only through training that we will make this happen.

Joseph P. Guarino has a long history of producing business results with the application of information technology. Joseph's expertise span over 15 years in the private sector at leading technology firms and consulting organization. With Evolutionary IT, he saw a market need to bring his transformative knowledge and expertise to firms in the New England area and worldwide. Joseph is driven by a strong desire to see customer's thrive with the best business solutions. Evolutionary IT evolved out of this desire to bring a new level of quality IT solutions, align them with business goals and give customer's a competitive edge.
Posted in Security, Security Awareness Training  |  Leave a comment

Leave a reply