How to embed security awareness in business processes

All businesses have processes for their operations. These can be production, sales, support, IT, procurement, auditing, and so on. All businesses also need risk management. Traditional risk management has focused on financial risks, as well as HSE risks. These governance activities are also legal requirements in most countries. Recently cybersecurity has also caught mainstream attention, … Continue reading How to embed security awareness in business processes

Security Awareness: A 5-step process to making your training program role based and relevant

Security awareness training is one of many strategies used by companies to reduce their security risks. It seems like an obvious thing to do, considering the fact that almost every attack contains some form of social engineering as the initial perimeter breach. In most cases it is a phishing e-mail. Security awareness training is often … Continue reading Security Awareness: A 5-step process to making your training program role based and relevant