018. Your Security Awareness Training isn't Working
Jun 06, 2019 • 36 min
Episode description
Just 27% of businesses in the UK reported that staff had attended internal or external training on cybersecurity in the last 12 months*, and more often than not, what is being taught is either incomplete or no longer relevant.
This talk, which our Technical Director Holly Grace Williams presented at InfoSecurity Europe, discusses how cybersecurity topics such as physical security, phishing and malicious websites are mistaught, and why trying to oversimplify security is a part of the problem.
Key points:
2’11 Physical access isn’t just tailgating
10’02 ‘Diffused responsibility’ lowers the chance of a challenge
16’49 Phishing isn’t just emails
19’15 HTTPS doesn’t stop phishing
21’19 Identifying suspicious links
23’00 Cross-site scripting
29’29 Password cracking
*https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/791940/Cyber_Security_Breaches_Survey_2019_-_Main_Report.PDF
Download on iTunes: apple.co/2Ji61Ek
Listening time: 36 minutes
For more information, follow us on Twitter @secarma or @secarmalabs or email us at [email protected]
Hosted by: Holly Grace Williams, Technical Director at Secarma