One Article Review
| Source |  ProofPoint |
|---|---|
| Identifiant | 8445586 |
| Date de publication | 2024-02-01 06:00:12 (vue: 2024-02-01 15:07:27) |
| Titre | Le pare-feu humain: Pourquoi la formation de sensibilisation à la sécurité est une couche de défense efficace The Human Firewall: Why Security Awareness Training Is an Effective Layer of Defense |
| Texte | Do security awareness programs lead to a quantifiable reduction in risk? Do they directly impact a company\'s security culture? In short, are these programs effective? The answer to these questions is a resounding yes! With 74% of all data breaches involving the human element, the importance of educating people to help prevent a breach cannot be understated. However, for training to be effective, it needs to be frequent, ongoing and provided to everyone. Users should learn about: How to identify and protect themselves from evolving cyberthreats What best practices they can use to keep data safe Why following security policies is important In this blog post, we discuss the various ways that security awareness training can have a positive impact on your company. We also discuss how to make your program better and how to measure your success. Security awareness training effectiveness Let\'s look at three ways that security awareness training can help you boost your defenses. 1. Mitigate your risks By teaching your team how to spot and handle threats, you can cut down on data breaches and security incidents. Our study on the effects of using Proofpoint Security Awareness showed that many companies saw up to a 40% decrease in the number of harmful links clicked by users. Think about this: every click on a malicious link could lead to credential theft, a ransomware infection, or the exploitation of a zero-day vulnerability. So, an effective security awareness program essentially reduces security incidents by a similar amount. Want more evidence about how important it is? Just check out this study that shows security risks can be reduced by as much as 80%. Here is more food for thought. If a malicious link does not directly result in a breach, it must still be investigated. The average time to identify a breach is 204 days. So, if you can reduce the number of incidents you need to investigate, you can see real savings in time and resources. 2. Comply with regulations Security awareness education helps your company comply with data regulations, which are always changing. This can help you avoid hefty fines and damage to your reputation. In many cases, having a security awareness program can keep you compliant with several regulations. This includes U.S. state privacy laws, the European Union\'s GDPR and other industry regulations. 3. Cultivate a strong security culture An effective security awareness program doesn\'t have to be all doom and gloom. Done right, it can help you foster a positive security culture. More than half of users (56%) believe that being recognized or rewarded would make their company\'s security awareness efforts more effective. But only 8% of users say that their company provides them with incentives to practice “good” cybersecurity behavior. When you make security fun through games, contests, and reward and recognition programs, you can keep your employees engaged. You can also motivate them to feel personally responsible for security. That, in turn, can inspire them to be proactive about keeping your critical assets safe. Finally, be sure to incorporate security principles into your company\'s core values. For example, your business leaders should regularly discuss the importance of security. That will help users to understand that everyone plays a vital role in keeping the business safe. How to make your security awareness program effective The verdict is clear. Security awareness programs can tangibly reduce organizational risks. When asked about the connection between their security awareness efforts and their company\'s cybersecurity resilience, a resounding 96% of security professionals say that there is more than just a strong link. They say that it\'s either a direct result of security training or that training is a strong contributor. Let\'s discuss how you can make your program more effective. Assess your security posture The first step toward effectiveness is to assess your company\'s security posture |
| Envoyé | Oui |
| Condensat | 2024 204 about about: accuracy across actions active activities address adhere adjustments advance after again against all allows also always amount answer approach are asked assess assessments assessments assets assignments attack attacked available average avoid award awareness bad badge based baseline beacon because behavior behavioral behavior being belief believe benchmarking best better between beyond beyond big blog book: boost breach breaches bridge budget building business but button calculated campaigns can cannot cases certification change changing check clear click clicked cohorts combat combination companies company competencies completion complex compliant comply comprehension comprehensive compromise conducting confident confirm connection consider content contests continue contributor core costly could create credential critical cultivate culture culture current curriculums curve cut cybersecurity cyberthreats damage data date day days decisions decrease defense defenses deliver department determine difference different differentiate direct directly discuss does doesn don done doom down each educating education educational effective effectiveness effectiveness effective effects efforts either element email employees empower empowered encountered encourage encouraging engaged engagement engaging enhance ensure ensuring environment errors essentially establish european evaluate every everyone evidence evolving example example: executive existing exists expertise experts exploitation exposure faces factors failure feedback feel figure final finally fines firewall: first fits following food forget forgetting foster frequent from fun gain: games gap gdpr gestures get give gloom goals good guidance habits half handle harmful have having hefty help helps here high how however human idea identify immediate impact impactful importance important important improve improving incentives incidents include includes including: incorporate indicates industry infection information informed inspire instruction intended interactive interviews investigate investigated involving is its just justify keep keeping know knowledge landscape languages laws layer lead leaders learn learned learners learning less let level lies like likely link links long look low lower make makes making malicious many may means measure measuring meet message methods metric metrics microlearning mitigate model modules more most motivate motivation motivations much multi multiple must nano need needs newfound not nuisance number of: offer often one ongoing only opportunity organizational other out over overall part participation peers people personally phishing piece plays policies pose positive post posture posture practice practices prevent principles privacy proactive process professionals profile program programs program proofpoint protect provide provided provides quality quantifiable quarters questions quick quizzes ransomware rate rates react ready real recognition recognized reduce reduced reduces reducing reduction regular regularly regulations regulations regulatory reinforce reinforcement relevant report reporting reputation requirements requires resilience resounding resources responsibilities responsibility responsible result results return reward rewarded right risk risks risks role roles safe safe satisfaction savings saw say scenarios score security see seen sentiment separate separately seven several sharpen short shorter should showcase showed shows similar simple simulated simulations size skills snapshot solution something sophistication spaced speak specialize specific spot state step strength stretching strong study styles submit success such sure surveys suspicious tailored take talking tangibly targeted teach teaching team team tell term testing than that theft them themselves these things think this: thought threat threats three through time too tools total toward track track: tracking tracks training true turn type understand understanding understated union unique use user users |
| Tags | Ransomware Tool Vulnerability Threat Studies |
| Stories | |
| Notes | ★★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.