YOUR PEOPLE ARE
THE MOST IMPORTANT PART OF YOUR SECURITY
TEACH YOUR PEOPLE WELL
Like it or not, your people are your first line of defense. They probably spend most of their work day interacting with your most critical assets (PHI, proprietary data, valuable equipment, cash), Not only are you entrusting them to present the face of your company, you count on them to hold the line on security issues too.
But that's not a skill most employees will have if you don't help them along. Are you equipping them to do this part of their job effectively?
According to a 2016 IBM Security Survey, only 30% of small businesses, and 58% of large businesses offer security training to their employees. And yet in many surveys, the number one security risk that worries most CEOs is their people. Perhaps with good reason:
In 2016, 43% of healthcare data breaches were the employee's fault (negligence and error) (1)
Across all industries, 54% of small and medium-sized business’ data breaches were attributed to employee negligence (2)
Over 90% of successful cyber attacks begin with social engineering over email (3)
The numbers are clear. The only reason not to give your employees periodic security training is because you say, "Yes, but that won't happen to me..."
Effective training can be short, targeted, and engaging. If it is built to suit the unique strengths and weaknesses of your organization, and your unique risk levels, every minute of security training you provide, no matter how many that is, will be efficient. Check out our description of Security Risk Analysis to see how the relative proportions of your organization's real security risks can be revealed. Now imagine custom training that matched those proportions, to equip your people as efficiently as possible.
At Castellum we have experience providing security training to hundreds of people, in large and small classroom settings, webinar format, and printed guides. We believe very strongly that the door of your organization's profit or loss swings according to the quality of your people. When it comes to security risk, they will either be an asset, or a liability.
Choose asset. Let's work together.
2. Ponemon Institute – 2017 State of Cybersecurity in Small & Medium-Sized Businesses (SMB)
3. PhishMe – 2016 Enterprise Phishing Susceptibility and Resiliency Report