Why Cyber Security Training Matters
Patrick WeirToday It’s Netflix and Twitter, Tomorrow It Could Be Your Company.
Cyber security breaches are a fact of modern life, affecting everything from entertainment, to healthcare, to politics, to banking, and retail. Today we have seen waves of attacks to Netflix, Twitter, and Spotify. According to one projection, worldwide spending on cyber security is expected to reach $170 billion by 2020 to address the nearly 43% of businesses that have experienced cyber security breaches in the last 12 months.A lot of that money is expected to go toward technology like security analytics, threat intelligence, as well as mobile and cloud security. But with October being National Cyber Security Awareness month, it’s important to recognize that everyone has a role to play.
Cyber Attacks Are A Huge Problem
While exact numbers aren’t known, the security firm Symantec estimates that nearly half a billion personal records were lost of stolen last year. On average, the cost of a data breach reached $4 million, according to the most recent study from IBM. In the aggregate, cyber crimes cost American businesses billions of dollars annually, according to FBI estimates. A wide-range of attacks were directed at enterprises big and small, but according to Symantec, small businesses are the fastest growing target.
People Are Often The Weak Link
Last year, The Association of Corporate Counsel released a chilling report about our vulnerability to cyber attack. According to the report, which contained a survey of more than 1,000 in-house lawyers, nearly one-third of all security breaches occurred as a result of employee error. In a recent Harvard Business Review article, IBM security general manager Marc van Zadelhoff echoed the concern that employees are often the weak link in an organization’s cyber security when he pointed out that 60 percent of all attacks are carried by insiders.
FBI has identified employee training a critical part of every organization’s cyber security
Cyber Security Training Is Vital
According to a recent survey commissioned by Raytheon and the National Cyber Security Alliance, 59 percent of men and 51 percent of women report having undergone some cyber security training. That’s good to hear, but obviously, there’s a lot of room for improvement, especially since the FBI has identified employee training a critical part of every organization’s cyber security. But if that training is going to be effective, employers need to do more than pass along security tips.
- Employers need to make sure that their cyber security training programs contain high-quality material that engages today’s learners.
- Training programs need to be updated on a regular basis because new threats to cyber security emerge all the time.
- Most of all, security training needs to be adaptive and data-driven so that learners can address specific gaps in their knowledge and employers can be certain that every single person in their organization has mastered what they need to know to safeguard the company’s most vital assets.
