Guide to Cybersecurity Training: Assessing Effectiveness and Avoiding Pitfalls

Employee vigilance is the best line of defense for preventing cyber attacks and controlling the damage afterwards. The recent attack on hedge fund Arena Investors, in which hackers were able to send a malicious phishing email from its chief operating officer’s address, demonstrates the importance of having a cybersecurity training program that delivers the message to the right parties and changes behavior. This final installment of our three-part training series covers using frequent training strategies to gain results, assessing effectiveness, handling common pitfalls and the board’s role. Part two addressed the components of a successful program and strategies for implementing training, including accountability. Part one discussed the importance of training as a cybersecurity defense, guidelines for establishing a training program and whom to train. See also “Designing, Implementing and Assessing an Effective Employee Cybersecurity Training Program (Part One of Three)” (Feb. 17, 2016); Part Two (Mar. 2, 2016); and Part Three (Mar. 16, 2016).
