Geeks for your information Security Security Vendors Kaspersky Kaspersky Security Blog v
Cybersecurity culture instead of dull lectures
Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Cybersecurity culture instead of dull lectures
harlan4096 Online
MalWare Zoo Team
*******
Posts: 12,844
Threads: 8,856
Thanks Received: 8,750 in 6,909 posts
Thanks Given: 9,642
Joined: 12 September 18
#1
Information  28 February 19, 07:36
Quote:[Image: building-cybersecurity-culture-featured.jpg]

When we talk about practical advice for companies, we always say something like “Raise your employees’ security awareness.” That advice is unquestionably strong, but we have noticed that not everybody understands the term [i]security awareness[/i] in quite the same way. We would like to explain what we mean when talking about this subject.

Security awareness is by no means a set of dull lectures about how dangerous the cyberworld is. We have studied a variety of approaches and can say that categorically. It simply doesn’t work.

Our approach

According to our experience, training will work only if it matches several criteria:
  • It is not pure theory; it teaches things that are relevant to one’s job functions;
  • It does not interrupt students’ daily workflow;
  • It uses real-life, illustrative examples;
  • It gives advice that really can be applied.
Applicability

The last point may sound incredibly obvious, but actually, it is an important point. A good tip is easy: Make every password unique, at least 18 characters long, and containing random symbols; change every single one weekly; and never write down a password on paper. In theory, that advice is great — perhaps even ideal. Is it applicable, though? No. Will anyone follow it? Not a chance. They will continue writing “Passworddd123” on a sticky note. They might start taking the extra second to hide the paper under their keyboard.

That is why our version of password security instead advises people to create several complex “roots” that have meaning only to them and are not part of everyday speech (e.g., [i]meow!72!meow[/i]); add a keyword to the root each time you create a new password (e.g., [i]oxygen-meow!72!meow[/i]); take a piece of paper and write [i]aqualung-cat[/i] on it (i.e., something that you associate with the keyword and the root).

From a classical cybersecurity perspective, that advice is far from ideal. Any security expert would yell, “What are you doing, how can you advise people to write down part of their password?” But it’s actually highly practical — and the best advice is advice people will follow.
Full Reading
[-] The following 1 user says Thank You to harlan4096 for this post:
  • jasonX
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
Windows Repair Toolbox 3.0.4.0
An updated version...harlan4096 — 16:25
SecureAPlus 6.8.1
SecureAPlus 6.8.1:...harlan4096 — 16:22
CrystalDiskInfo 9.3.0
Changes in 9.3.0: ...harlan4096 — 06:59
Microsoft OneDrive on the web is adding ...
Microsoft has anno...harlan4096 — 06:08
Vivaldi Stable 6.7 (3329.21)
Vivaldi Stable 6.7...harlan4096 — 17:09

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
Decimuss's profile Decimuss

>