Day 15 Security Awareness

Howdy! If you are new to the series, start here. If you are caught up, welcome back! Today we are talking about an incredibly important security topic for small businesses: security awareness. It is probably the single biggest bang for the buck in terms of real risk reduction. Security awareness training…training can be a boring topic…hence the cool plane above :). But what makes small business leaders successful is that we don’t shy away from boring if it is what the team needs. In this case the answer is training. There are some very good platforms for providing this training at a very affordable monthly price, and I’m happy to recommend my favorite if you message me. This training should include the following features that are useful for small businesses:

  • Regular, short training videos that don’t berate your employees and don’t make them want to fall asleep. These videos should preferably feature humans, not cartoons, and should be automatically delivered to your employees. The platform should give you some ability to validate that your employees have completed their training.
  • Simulated phishing exercises that are done for you as part of the monthly service cost. In this service the company should emulate a criminal and try to trick your employees into clicking on “evil” but safe training links or entering their passwords into “evil” but safe training websites designed to trick them. Preferably this should deliver training to your employees immediately at the “point of click” when they mess up. This training should aim to uplift and instruct…never berate or put down.

Such ongoing training is critical, as the most popular type of cybercrime (according to the FBI) is email-based fraud. This ranges from scams like the classic “Nigerian Prince” to much more sophisticated attacks, like one suffered by somebody close to me recently. The email system of one of their vendors was compromised, and the criminals used that vendor’s email to send malware to all of that vendor’s customers. The victims had very little reason to suspect anything bad coming from their “trusted” vendor partner…but in the email were telltale signs that security training could have helped the employees recognize, prompting them to take the extra step of picking up the phone to validate. As always, if you have any questions, please connect with me and I’d be happy to discuss. Happy Hunting!

David Hyde-Volpe

CTO / Principal Engineer
