• United States




How can we improve awareness training?

Aug 24, 20161 min
Data and Information SecurityIT SkillsSecurity

Bill Rosenthal from Logical Operations chats with CSO about the failings of end user security training, and where we can look to make improvements

As more companies face the realities of cybercrime, malware and data breaches, many of them are turning to security awareness training programs to keep their employees from becoming the next victim of an attack. But a lot of these programs are ineffective, giving employees a “read this email, watch this video” program, and the CSO a “box to check off”. In the latest episode of Security Sessions, I spoke with Bill Rosenthal, CEO of Logical Operations, about the lack of effective security awareness programs at companies. Among the highlights of the video are the following sections: 1:14 The current state of security awareness training at companies. 2:49 What will it take to get more companies on board with security awareness training? 3:51 Why don’t end users follow cyber-security policies? How can IT engage them more? 5:37 Why going beyond self-assessment training is needed for most companies. 7:20 Figuring out different training for different employee roles. 8:54 Advice for security executives on improving engagement with end users beyond the weekly security email.