11:11 Systems Director of Product Market Intelligence Brian Knudtson is joined by guests Justin Warren, Gina Rosenthal, and Liron Amitzi for a conversation about how important it is for employees to be aware of cybersecurity. They discuss the effectiveness of security training, important tools to protect employees, and if executives should be able to avoid the training. Ideally, your organization should have a good culture of security so you don’t have to rely on trebuchets, guillotines, and always poison-checking your coffee.
[04:10] What are some of the most effective ways to train employees to work more securely when there is a wide variety of different users, all of whom may be a vector of a cyber attack?
[15:51] Go a little bit more into what some of those approaches or solutions that may exist there that can help users stay in the safety zone or limit the damage that they can do on the back end.
[28:49] Are there other groups that should be excepted from the training and the controls that we’ve been talking about?
[04:44] “My operating assumption is that this is a system, and if your system requires perfect human behavior in order to behave securely and safely, then your system is broken.” — Justin Warren
[08:21] “You’ve got an entire other industry that’s trying to get people to click on these links. You’re never going to be able to keep ahead of them because they’re constantly looking to see, well, what would I do if I was a human?” — Gina Rosenthal
[09:19] “People will do the easy thing. So I think a lot of this, unfortunately, what we end up doing is we’re trying to force people to do things the hard way instead of the easy way. So the secure way should be the easy way to do it.” — Justin Warren
[20:27] “Wouldn’t it be nice if you had something that could look at the traffic and the activity and see that that was out of the norm for how your organization works, instead of having to pay the price of everybody listening to boring training for 2 hours on a Monday. ” — Gina Rosenthal
[21:53] “I’m not talking about firewalls outside or between networks only, but there are database firewalls or web firewalls that are much smarter than regular firewalls.” — Liron Amitzi
[26:00] “ I think some of the incentives aren’t there for organizations to do good training, because it doesn’t need to be effective. They just have to tick a box.” — Justin Warren
[30:36] “I think if you explain this to people and you try to balance the access to the system with the security in place, but the usability as well, I think there is some balance that you can find that would be acceptable.” — Liron Amitzi
[33:22] “You need to make sure everything is good with your people. You need to make sure you’re constantly making it interesting for especially your professional staff, to understand what to look for.” — Gina Rosenthal
How to improve the security posture of your business
Organizations are facing increasing threats from cybercrime, and it’s only getting worse as criminals get more sophisticated and data increases exponentially. In fact, there has been a 300% increase in reported cybercrimes in just the last two years alone.
When you consider that hackers only have to succeed once to spell disaster for your entire enterprise, it’s more important than ever to put a solid, multi-layered security strategy into place to protect your organization.
But where do you start? Hiring an experienced cybersecurity team is expensive at best, and impossible at worst. In this white paper, we look at the increased threats, the cost of cybercrime, and what you can do to protect your business without putting stress on your bottom line.