Explaining how the security team aggregates and correlates risks supports these training initiatives. Monitoring and setting alerts for the following can help reinforce ransomware training:
- Outdated antivirus/anti-malware on devices
- Email and Web application server monitoring
- Packet loss or network congestion indicating command and control server communications
Securing endpoints goes beyond monitoring for and mitigating the risk of ransomware or malware. Often, endpoint security risks include activities like updating software or using personal devices.
Cybersecurity awareness training focuses on the types of risks that employees bring with them, including:
- Physical device security: Password-protecting devices, potential device theft or loss
- Security patches: Installing them on personal devices
- Maintaining factory settings: Not using “jailbroken” phones on corporate systems
- Removable media: Risky USBs or charging cords that can plug into devices
To help support end users, security professionals can explain and show how they monitor networks for devices connecting to them. Enhancing endpoint security through examples might include showing how the security team monitors:
- Software versioning
- Secure configurations like security technical implementation guides (STIGs) or CIS baselines
- Recent security patch installations
- Alerts from intrusion detection systems (IDS)
Safe Internet Habits
With more people working remotely, cybersecurity awareness training around safe Internet habits has become even more important. To protect remote workforces, companies need to drive home the importance of risks arising from “work from anywhere” models.
Generally, cybersecurity awareness training focuses end users on:
- Public Wi-Fi use: Limiting insecure wireless connections to prevent man-in-the-middle attacks
- Virtual private networks (VPNs):
- Website security: Reviewing the URL for HTTPS
- Social media scams: Being wary of links or downloads in direct messages or posts
To support end-user awareness training, cybersecurity professionals and IT teams can explain how they set controls and monitor the following:
- Denying access from unknown IP addresses
- Blocking organization-owned devices from accessing social media websites
- Setting administrative controls for organization-owned devices that disallow installation of unapproved applications
- Using URL and Web filtering rules in firewalls to enforce HTTPS connections
- Monitoring geolocation of login using SD-WAN to enforce encryption of data-in-transit
Teamwork Makes the Security Education Dream Work
An effective cybersecurity awareness program builds a strong culture of security that bridges the gap between technical and non-technical employees. Training programs provide the information, but education offers a more thorough understanding that builds better habits.
By acting as a team within the organization, line-of-business and technical teams can create more robust security practices, build stronger relationships, and reduce resistance to protective controls.
Source – Bleepingcomputer.com