User Education for Cybersecurity: Yes, It’s Worth It
Many successful ransomware/other malware attacks share two characteristics. One is that they gain access to an enterprise network because a legitimate, authorized user does something they shouldn’t. Such as opening a phishing email, clicking on a bogus web link, or falling victim to credential theft. The other is that they initiate or revive a spirited discussion of the value of user education to cybersecurity efforts.
Whenever that subject comes up, I’m reminded of something my sainted mother used to say. “Where you stand often depends on where you sit.”
- At the 2017 Black Hat conference, cybersecurity solutions vendor Thycotic surveyed more than 250 hackers. As reported by BetaNews, those hackers called out “education/awareness” as “one of the least effective security protections.”
- User behavior intelligence solutions provider Dtex Systems recently announced its 2017 Threat Monitoring, Detection & Response Report. For that study, the company commissioned Crowd Research Partners to survey more than 400 cybersecurity professionals. “User training was identified as the leading method for combating insider threats, according to 57 percent of those surveyed.”
Read the entire article here, User Education for Cybersecurity: Yes, It’s Worth It
via the fine folks at Ivanti.