Corporate Best Practices in Security Awareness and Training Programs

I am often asked for security case studies and best practices in a variety of cybersecurity areas. Who is doing best in whatever the cyber-topic is? Any case studies to help? How can I learn more?

One particular area that always receives plenty of attention and lots of questions is how to improve security awareness programs. Jenni Bergal recently wrote this story on cybertraining for Stateline that offers important data around phishing and mandatory training.  

And government cyberpros and technology leaders often ask for more enterprisewide private-sector examples, since I speak and write about public-sector examples on an ongoing basis. Sadly, many private-sector enterprises are reluctant to share their security approaches about what they are doing “on the record.” 

But I am very pleased to offer you details behind a best practice in corporate security awareness from Lear Corporation. Earl Duby, the very talented CISO at Lear, agreed to be interviewed regarding their successes and approaches to dramatically improving their enterprisewide cybersecurity culture around the world.

The Best Security Awareness Examples of 2018

Every year, I participate in a variety of live events, writing articles, webinars and other activities for National Cyber Security Awareness Month (NCSAM). Back on Oct. 31, 2018, I was invited to speak on a panel discussion at a worldwide event hosted by Lear Corp., in Michigan. Some of the pictures from the event are shown. 

The event was beyond impressive and included a mix of global presentations, awareness materials and world-class cyberleaders engaging in important discussions on a range of topics. The live participants were at Lear headquarters, but Lear staff watch the event from as far away as South Africa. The topics discussed ranged from the worldwide cybertalent shortage to recent data breaches and ransomware attacks at various global organizations (Read more...)

*** This is a Security Bloggers Network syndicated blog from Lohrmann on Cybersecurity authored by Lohrmann on Cybersecurity. Read the original post at: