According to the Verizon Data Breach Report, 4% of our people will click on a phishing email every time they receive one. How can we patch our people, as we patch outdated operating systems, vulnerable software programs, and firmware on hardware devices? Hardware and software programs generally do as they are instructed, but people do not and can easily fall victim to social engineering attacks. Education and training can be our process to patch our people. During our session, we will explore traditional ways education has been deployed and look to improve those processes with more advanced and effective methods of patching our people. We will also look at best practices for addressing similar issues with business customers and highlight common educational practices.
One major objective of this session is to highlight the need for continual educational programs for people. Historically, we have trained people for an hour every 365 days. Compare this to patching our IT systems, which some do monthly. A continual educational program will enable better decision making by employees, board members, and customers every day, ensuring continual reminders and awareness of critical banking issues.
- Employee, Board, and Customer training models
- Weaknesses in a compliance-based approach to education
- Implementing a risk-based approach
- Building an effective policy
- Key elements of improved security awareness and training programs
- Integration with social engineering tests
Who Should Attend?
Information Security Officer, IT Manager, Risk Officer, Internal Auditor, and Executives looking to understand the risk around Social Engineering and how to mitigate people risk.