Data security is the responsibility of everyone – not just me.
Core Content:
Many users believe that information security is mainly the responsibility of their IT department. This introductory module explains the active role that is played by employees in preventing data breaches, social engineering and cyberattacks.
It piques the interest of participants and provides a solid grounding for subsequent modules. It also helps to explain key questions like, “What is a data breach?” or “What is social engineering?” Common misconceptions like “our organisation would be of no interest to hackers” and the “kid in the hoodie” myth are explored.
The financial, operational and reputational ramifications of such attacks are highlighted, as well as the weaknesses of technical controls like anti-virus and firewalls in preventing social engineering. Relevant, real-life examples are used throughout.
Who should attend:
full-time employees, part-time employees and third-party contractors.
Facilitated by:
Instructor-led sessions, case studies, supplemental materials.
Strategic Purpose:
A workforce that understands the threat landscape and is aware of the active role they play in protecting your organisation's data can result in a significantly improved security posture.
Benefits:
- Participants are reminded of the active role they play in protecting the information assets of your organisation.
- Participants are made aware of the possible consequences of a data breach or cyberattack on your organisation.
- Participants are given a thorough grounding in the need for practising secure behaviours and are reminded of their accountability.
- Common information security misconceptions are dispelled, making participants more responsive to future security messages.