Digital Conflict

By Kevin Coleman

Blog archive

Citizen soldiers: Users must defend cyber front line

It is neither the National Security Agency nor the Cyber Command, but the user community that is on the front lines of cyber defense. The actions of users that have been attributed to a moderate percentage of cyberattack successes is what has to be addressed. We need to increase the users’ knowledge and awareness.

Given that users are on the front line, cyber threat awareness training is a must in today’s high-threat environment. However, only a small percentage of users receive awareness training about cyberattack techniques that target them. The purpose of cyber awareness training is to focus attention of users on security and common techniques used by attackers. Because this threat environment is so dynamic, cyber threat awareness training must be continual and not a one time thing.

The effort to improve awareness of cyber threats is designed to change the behavior and reinforce good security practices by computer users. To be effective at this, organizations must present meaningful and timely subjects to the general user community on a regular basis. The Technolytics Institute think tank for which I work has analyzed this area and concluded that the awareness training should be conducted every other month rather than each month. That’s because a monthly cycle seems to wear on the users and might be viewed as too received as too heavy. Technolytics found that end-user training topics must include:

    *Common mistakes.
    *E-mail threats.
    *Social engineering.
    *Phishing.
    *Passwords.
    *Cyber terrorism.
    *Common attacks.
    *Symptoms of attack.
    *Anti-virus software.
    *Spam threat.
    *Personal accountability.
    *Other connected devices.

Keeping users aware of cybersecurity threats is a critical aspect of an organization’s overall security program. If we were able to cut routine user mistakes in half, the integrity of our systems would increase exponentially.

Posted by Kevin Coleman on May 05, 2011 at 12:12 PM


Featured

  • FCW Perspectives
    zero trust network

    Why zero trust is having a moment

    Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

  • Workforce
    online collaboration (elenabsl/Shutterstock.com)

    Federal employee job satisfaction climbed during pandemic

    The survey documents the rapid change to teleworking postures in government under the COVID-19 pandemic.

Stay Connected