User training: Not surprising, the SANS report finds that phishing, smishing, vishing tops the list of human risks, followed by passwords, authentication, detection, reporting, and IT admin misconfiguration.
Training should focus on these four areas and go beyond annual computer-based training to include continuous training so that key concepts are reinforced year-round.
Involving security teams in the development of human-focused security training helps ensure content remains highly relevant to the organization.
In this article, you will learn more about:
Security Awareness programs
User training
Security automation
New technologies