Education is the best and most cost-effective way to inform network users on best practices regarding securing sensitive data. This is why it is integral that organizations incorporate employee awareness training into their cyber security action plan. By educating employees on cyber security best practices, trends, policies, and procedures, organizations can significantly reduce their vulnerability to a data breach. COMPASS utilizes a variety of methods to educate our client’s employees:
- Webinars: COMPASS webinars on cyber security trends give employees a chance to ask questions and hear firsthand of the importance of keeping data secure. These interactive sessions empower employees with the information necessary to support the organization’s goal of securing its data.
- On-site Training: COMPASS provides face-to-face security awareness training on security best practices and company policies and procedures. These on-site sessions give employees the chance to meet COMPASS personnel and ask questions about securing company and their own personal data.
- Phishing Exercises: One of the most common forms of social engineering is a phishing attack. To demonstrate the importance of educating employees on phishing threats, COMPASS employs a mock-phishing exercise to see how employees would react in a real life scenario. The mock-phishing email is customized to fit the client’s specifications and mailed to a sample of employees. Data on who clicked the link within the email is generated and provided to the client. This portion of the assessment is also used to test the client’s email server and its ability to detect a phishing email.
These methods can be used individually or in combination to effectively keep employees educated on cyber security best practices, pitfalls, and policies. COMPASS works with each organization to determine the best and most cost efficient way to educate their employees. COMPASS training staff will discuss the preferred frequency, methods, and goals for the organization’s cyber security education to develop an organizational training plan that meets their requirements.