With security breaches now a part of the typical news cycle, an ongoing security awareness training program is critical to the health of an organization of any size. Corporate leaders must be vigilant, because the effects of security awareness training can fade with time.
Employees can become complacent. It’s just human nature!
The PCI DSS calls for annual security awareness training; however, there are some occasions when it makes sense to conduct refresher courses sooner:
- If your organization has suffered a data breach.
- If there’s been a change in an internal security system, policy or process.
- If there’s been a change in compliance rules and/or regulations.
- If a security audit indicates security awareness is lacking.
Also consider refresher training under the following circumstances:
- With specific employees who may be disgruntled, or who are taking on a new role in the organization.
- If there’s been a breach at a competitor in your industry.
- If there’s been a breach at another business in your building.
- When new ‘black hat’ tactics come to light.
- If a ‘white hat’ team successfully breaches your security in any way.
Security awareness training is about changing the organization’s culture. Are your employees prepared with the appropriate level of awareness?
Looking for more information?
ControlScan can help you implement a strong security awareness training program in your organization. Be sure to subscribe to this blog for additional tips and webinar announcements.