WEEKLY CHALLENGE! Raising Security Awareness


(Jessica) #1

Hello Hackbusters Community! This week’s topic is: Raising Security Awareness

With National Cyber Security Awareness Month just around the corner, I expect to see a peak in the number of training programs and campaigns. This week I’d like to talk about other tools you use to keep security in the forefront of users’ minds for the remaining 11 months of the year.

These tools can be anything from putting up posters, sending out newsletters, info/fact sheets, hints & tips campaigns or simply training users multiple times throughout the year.

How to enter:
Reply to this post with one example of a trick or tool you use to keep users thinking of security.

By submitting your comment, you will be entered into a drawing for some KnowBe4 merch. The winner will be pulled on Monday, Oct. 2nd at 4:30 PM EDT.

References:
Live Webinar - every Monday at 1:30 PM Eastern - Advanced Phishing & Training. Sign up at this link: https://attendee.gotowebinar.com/rt/824983748725718019

How To Set Up A Security Hints And Tips Campaign

Free Posters: https://www.knowbe4.com/resources
Diamond Level Posters: See "How to Use Posters"
How to Use Posters: https://knowbe4.zendesk.com/hc/en-us/articles/115010399868-How-Should-I-Use-the-Posters-Available-in-the-ModStore-

Later this week at Hackbusters:
Tuesday: Ask us all about security awareness plans – This will be an active discussion throughout the day.
Wednesday: Ransomware – Tech Talk.
Thursday: Best practices from the KnowBe4 experts.
Friday: new Did You Know

Jessica S. Managed Services/Community Manager :desktop_computer:


(Thomas Whitmore) #2

I send out weekly security newsletters highlighting one aspect of security policy or security issue. Starting 10/1 we are going to start a competition to encourage staff to read the newsletter with a price of a $25 gift certificate. This is in addition to the scam of the week email KnowBe4 sends out weekly and the routine phishing.


(Lon Heinkel) #3

Our company does quarterly phish testing with the KnowBe4 program. Also as issues happen on a national scale we will send out emails to all employees letting them know of things to be aware of and to look out for. Any more these days it seems like something happens nationally at least once a week.


(Malik Aziz) #4

I make it point to add value with every follow-up call and email. Providing SAT tools such as the PST, EEC etc…to keep the prospect engaged.

Malik


(Jana Rettig) #5

Our company uses the following in the KnowBe4 System: quarterly phishing test, quarterly security awareness training for all employees using the Micro-modules, automated Scam of the Week email, new hires complete 2-3 modules.

In addition, we have an internal intranet that we post newsletters, posters, tips/tricks documents, etc. to continually. There is something posted at all times relevant to passwords, phishing, ransomware, social engineering, red flags, etc. We get content from a variety of sources including KnowBe4, OUCH Securing the Human, IRS Tax Tips, MS-ISAC, us-cert.gov, OnGuardOnline, etc.


(Borg Xaeus) #6

Unfortunately my company does not take security very serious and I forced their hand to organize some user training. The e-mail server is very secure, so I don’t worry much about fake e-mails. I always updated the block-lists and use external CBLs also. Most CnC IPs in circulation are also blocked in the firewall. The weakest point remains the end user.


(Linda) #7

We are creating a InfoSec marketing campaign and plan to give out various types of merchandise with slogans and reminders on them.


#8

If people walk away from their keyboard while still logged in and not screen locked then craft up an e-mail to the team saying that they’re buying donuts for the office tomorrow and send.


(Dennis Lawrence) #9

For now, until we fully deploy our KnowBe4 portal, we take excerpts from Stu’s regular newsletter and distribute them to the staff. We get the same kind of material from other vendors we use such as antivirus. White-label material designed to be re-branded and re-distributed is very helpful when you have nothing in place or are in the process of spinning up something.