One Article Review
| Source |  ProofPoint |
|---|---|
| Identifiant | 8448383 |
| Date de publication | 2024-02-09 06:00:24 (vue: 2024-02-09 14:07:19) |
| Titre | Offensif et défensif: renforcer la sensibilisation à la sécurité avec deux approches d'apprentissage puissantes Offensive and Defensive: Build Security Awareness with Two Powerful Learning Approaches |
| Texte | “Offensive” security awareness and “defensive” security awareness are two learning approaches that you can use to build a robust security culture in your company. They involve applying different strategies to educate your employees about threats and how they can respond to them safely. You may have heard the terms “offensive cybersecurity” and “defensive cybersecurity.” You use defensive tools and techniques to strengthen security vulnerabilities. And with offensive tools and techniques, you focus on identifying those vulnerabilities before attackers find them first. How do defensive and offensive approaches apply to security awareness? Here\'s a quick overview: With a defensive approach, users learn the fundamentals of security. With an offensive approach, users learn how to protect themselves and the business against future threats. Let\'s use a sports analogy here. You can actively learn to be a defensive goalie and block threats. Then, you can take your skills up a level and learn to score points with protective techniques. With Proofpoint Security Awareness, our industry-leading threat intelligence informs both approaches. We help people learn how to defend against current threats. And we give them the tools for taking offensive action against future threats. Live-action series about Insider Threats. (play video) Defensive security awareness: set the foundation We all have to start with the basics, right? With defensive security awareness, you teach people the fundamentals of security and set the stage for safe behavior. This training is often reactive. It enables people to respond to immediate threats and incidents as they arise. At Proofpoint, we believe in using behavioral science methodologies, like adaptive learning and contextual nudges. We combine this with a threat-driven approach, weaving trend analysis and insights about recent security breaches into our training. A personalized adaptive framework The adaptive learning framework is a personalized defensive approach to training. It recognizes that everyone learns differently; it is the opposite of a one-size-fits-all approach. You can teach security fundamentals in a way that is meaningful for each person based on what they know, what they might do and what they believe. This framework lets you drive behavior change with education that is tailored to each person\'s needs. That can include their professional role, industry, content style and native language. The learner can engage with a wide variety of styles and materials. And each training is tied to a specific learning objective. Adaptive learning recognizes that people learn best in short bursts that are spread over time. Our microlearning video modules are under three minutes, and our nano-learning videos are under one minute. These formats give people the flexibility to learn at their own pace. For instance, our “You\'re Now a Little Wiser” nano series offers bite-size training on topics such as data protection to help users learn about specific threats. Screenshots from a one-minute nano-learning video. Contextual nudges and positive reinforcement Training is essential if you want to build a robust security culture. But it is not enough to change behavior fully. Here is where contextual nudges play a vital role in helping to reinforce positive behavior habits once they are formed. These deliberate interventions are designed to shape how people behave. Nudges are rooted in a deep understanding of human behavior. They can move people toward making better decisions, often without them realizing it. They are gentle reminders that can guide people toward creating optimal outcomes. That, in turn, helps to foster a defensive security-conscious culture in your company. It is important to find the respectful balance of nudging people toward secure behaviors without being too intrusive or complex. For example, when a user fails a phishing simulation exercise, Proofpoint Security Awareness offers “Tea |
| Envoyé | Oui |
| Condensat | about academic account action actively adaptive admins advance against alert alerts alerts all allows already also analogy analogy: analysis analyzed animated anticipation applicable apply applying approach approaches are arise around artificial assessment assignments attack attackers attacks available aware awareness awareness: awareness back background badge balance based baseline basic basics become been before behave behavior behavioral behaviors being believe benefits best better bite blend blend: block both breaches brings build bulletins bursts business busy but calendar calls campaign campaigns campaign can cast categorization change choice choose code codes coding collected combine combines communication companies company completion complex comprehensive concentrate conscious consistent contact content contextual continuity continuous continuously conversation core corporate covers create creating cryptocurrency culture curated current cybersecurity cybersecurity” data decisions deep defend defensive defensive: defensively deliberate delivered delivering designed details detection different differently; difficulty display drive driven drives each educate education effort email emerging employees enable enables encourage end engage enough ensures escalate essential events evergreen every everyone example examples exercise expanded expected explains face facing fails fake fall featured features feel find fine first fit fits flexibility flexible focus formats formed foster foundational foundation four framework framework fraudulent from full fully fundamentals future gain game gentle give global goalie goalies going grained growing guide habits happening have heard help helpful helping helps here heroes heroes” holidays hook hooks hot how human identify identifying immediate impactful important improve incidents include included includes incoming incorporate increased individual industry information informs initiative initiatives insider insights instance intelligence interactive interventions intrusive investment involve january keep know knowledge language languages late lately launched leading learn learner learning learns lengths lens let lets level like little live look lot lure make making malicious malware manual material materials may meaningful message methodologies microlearning might minimize minute minutes modular module modules moment moments moment” month monthlong monthly months more move must nano native nature needs news newsletter nist not notifications now nudges nudging objective offensive offers often once one open opposite optimal out outcomes over overview: own pace part particular past people perfect person personalized phish phishing phishscale physical place plan play point points pop positive potentially powerful prevalence prevention proactive problematic professional program proofpoint protect protection protective provide provides quick quickly ransomware react reactive real realizing recent recognizes recommend reinforce reinforcement related release released releases remind reminders reported requiring research resources respected respectful respond right risks robust role rooted rounded safe safely saw scams science score scorers screenshots search season seasons secure security sender series services set shape shift shipping shopping short should signature simulation simulations single size skills slips solid soon sophisticated source specific spoofed sports spotlight spotlights spotlights spread stage start sticker stop strategies strategy strengthen structure style styles such suggested system tactics tailored take taking target teach teachable team techniques terms that them theme themed themselves then these those threat threats three through tied time timely too tools topic topics toward train trained training travel trend trending turn two type under understand understanding upcoming update ups use used user users using varied variety video videos virtual visual vital vulnerabilities want way weaving week weekly well what when where who whole |
| Tags | Ransomware Malware Tool Vulnerability Threat Prediction |
| Stories | |
| Notes | ★★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.