How to Create an Employee Cybersecurity Awareness Strategy


We live in a digital era where sensitive information, digital networks and critical infrastructures are all susceptible to cyberthreats. We only need to look at our everyday routines, with e-government, e-business, online banking and online healthcare increasingly connected everywhere.

As a consequence of this growth, a lot of sensitive information has been moved onto the Internet. Now everyone is vulnerable to cybersecurity threats, from the highest government officials to children.

DevOps Connect:DevSecOps @ RSAC 2022

Even those that are not connected to the Internet can be affected by cybersecurity threats. Someone else, such as a business, government, healthcare system or even someone in their social circle, can have personal information about you that is available on a computer that can be reached through the Internet.

This article focuses on cybersecurity awareness to promote foundational understanding of cyberthreats, risk, cyber-hygiene and appropriate response options. Employees within an organization must be informed on best practices and proactive measures when confronted with cyber-risks and should even build their own strategy — a handbook to survive in the cyber-era.

The Big Picture

Hackers are constantly seeking vulnerable points that can provide the best move on the table to steal data from a person or an organization. As the information about a person or even an organization remains available online, a cybercriminal only needs to plan a simple strategy to gather the necessary information to develop a well-succeeded attack.

Data is everywhere, and it should be noted that the horizon of information is continuously growing. Giant problems in this era can be represented by, for example, unattended devices, email and device scams, compromised passwords that can be used in other systems and the uncontrollable expansion of social networks and public profiles. The Internet is an enormous database that is always available for crooks to use for their own profit.

(Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Pedro Tavares. Read the original post at: