Digital Conflict

By Kevin Coleman

Blog archive

Citizen soldiers: Users must defend cyber front line

It is neither the National Security Agency nor the Cyber Command, but the user community that is on the front lines of cyber defense. The actions of users that have been attributed to a moderate percentage of cyberattack successes is what has to be addressed. We need to increase the users’ knowledge and awareness.

Given that users are on the front line, cyber threat awareness training is a must in today’s high-threat environment. However, only a small percentage of users receive awareness training about cyberattack techniques that target them. The purpose of cyber awareness training is to focus attention of users on security and common techniques used by attackers. Because this threat environment is so dynamic, cyber threat awareness training must be continual and not a one time thing.

The effort to improve awareness of cyber threats is designed to change the behavior and reinforce good security practices by computer users. To be effective at this, organizations must present meaningful and timely subjects to the general user community on a regular basis. The Technolytics Institute think tank for which I work has analyzed this area and concluded that the awareness training should be conducted every other month rather than each month. That’s because a monthly cycle seems to wear on the users and might be viewed as too received as too heavy. Technolytics found that end-user training topics must include:

    *Common mistakes.
    *E-mail threats.
    *Social engineering.
    *Phishing.
    *Passwords.
    *Cyber terrorism.
    *Common attacks.
    *Symptoms of attack.
    *Anti-virus software.
    *Spam threat.
    *Personal accountability.
    *Other connected devices.

Keeping users aware of cybersecurity threats is a critical aspect of an organization’s overall security program. If we were able to cut routine user mistakes in half, the integrity of our systems would increase exponentially.

Posted by Kevin Coleman on May 05, 2011 at 12:12 PM


Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.