69 that separates the two. Pre-built training schedules allow businesses to deploy training quickly by addressing common cybersecurity challenges that are experienced by all organisations whereas personalised campaigns consider the various security requirements and regulations in the different countries the company operates in. Larger businesses with time to plan their security campaign rollout may choose the personalised route, for example, to create content in different languages or ensure it covers security threats specific to all its departments and offices. 3. Decide whether training content should be risk- or role-based IT and security teams looking to plan a cybersecurity awareness campaign will need to decide whether to target training content via risk type or employees’ roles. The first option aims to tackle specific issues an organisation faces like phishing or repeated passwords, while the second focuses on the problems particular to a department such as fake invoices going to accounting teams or social engineering for those in management. 4. Invest in real-world phishing simulations Users need to be trained to detect phishing emails to prevent data breaches causing systems to go out of service. Phishing simulations are an essential aspect of any cybersecurity awareness training campaign. For example, IBM’s Cost of a Data Breach Report 2022 found that phishing was the second most common cause of a data breach at 16 per cent, and also the costliest, averaging $4.91 million in breach costs. Received in an alarming number of variants, users need to be prepared to counter phishing attempts from everything from social engineering to full-blown fake websites. Once a simulation platform has been chosen and deployed, IT and security teams can use the built-in analytics to determine if any further training is needed. For instances, businesses might then decide to create newsletters with links to video-based training. For many businesses, the prospect of developing cybersecurity awareness training can seem daunting, but consulting a visionary partner like Fortra’s Terranova Security can make it easy to establish strong security awareness goals, build training courses, implement automated results-based learning tools and decide how best to launch a campaign. We can deliver the subject matter expertise and support they need to plan and execute a successful cybersecurity programme that is specifically designed o meet the individual needs of their organisation. Matthew Fish is senior product marketing manager at Fortra's Terranova Security Phishing is one of the most common types of cyberattacks with over 3.4 billion phishing emails being sent out per day
RkJQdWJsaXNoZXIy NzQ1NTk=