Cybersecurity experts recommend the people-centric approach
The trained personnel is then constantly tested through methods like staged phishing attacks to make sure they stay alert to the possible threats. Youngblood shared they carried 160,000 phishing campaigns in 2022, testing every person at T-Mobile, providing real-time teaching moments to the staff. While ones who fell for the attacks were trained to avoid them in the future, Youngblood also shared the importance of providing a platform for rewarding those who avoided security mistakes.
Steve Thomas agreed that training was important, but most education companies produce generic content and don’t convey the message to employees that cybersecurity is part of their job. To remedy this “perception problem,” he founded the company HackNotice, with the intent of making people understand that security is their responsibility because they themselves are being targeted by hackers.
“Every one single person here and watching online is a target for hackers, “ pointed out Thomas, adding that hackers are constantly trying to gather data about you online, looking to commit fraud and steal your identity, then eventually break into the company you work for.
The training provided by HackNotice changes people’s behaviors by using real-world events and scenarios to show how they are personally impacted. The goal is to make them proactive in security measures.
Cyber security vital for businesses
Carole House stressed that there has been recognition by businesses that cybersecurity is a crucial issue — it will keep them in business for longer. Tim Youngblood shared email and ransomware attacks are up 90 percent in certain industries, bringing criminals money. So they aren’t likely to stop. “All I know companies are that have been breached and those they don’t know they’ve been breached yet,” he quipped. Among security measures he advocated were multifactor authorization, authenticator mobile apps, updating passwords, and using password managers.
Gloss