
CISOs should take security training seriously

Discussion in 'CSO' started by RSS, Jan 26, 2016.

  1. RSS


    In many ways, security awareness training exemplifies the way information security is seen and tackled by senior management.

    A once-a-year, classroom-based approach may be traditional, with security updates and warnings posted on walls and the Intranet, but it is also a sign of a tick-box, compliance-driven approach to security. It is often done to appease industry regulators, PCI and data protection authorities, and the training can offer relatively basic – arguably condescending – advice.

    But times are changing. The threat landscape is growing with the arrival of millions of mobiles and wearables, each with their own IP address, while organized crime and nation-state APT groups are looking at new ways of compromising victims. From exploit kits and Trojans to ransomware, phishing and social engineering scams – the criminal game has moved on.

