Pin Me

Network Security Awareness Training: Worth It or Waste of Time?

written by: Daniel Brecht•edited by: Bill Fulks•updated: 12/18/2010

Network security awareness training is not a waste of time; rather, it is a worthwhile program for all computer users. It focuses on specific security issues relevant to everyone's use of computers on networks.

  • slide 1 of 6

    Network Security Training Awareness: Why It Is Worth It

    "Security Awareness Is a Vital Defense." [1] Technology solutions, security policies, and operational procedures alone can not protect computer users from the various network security issues: attacks, incidents, and breaches in security. User awareness by way of training has what it takes to raise critical security awareness issues.

    These days, computer users are receiving the training they need to recognize and prevent emerging threats and risks with network security awareness training. “Awareness is not training. The purpose of awareness presentations is simply to focus attention on security. Awareness presentations are intended to allow individuals to recognize IT security concerns and respond accordingly." [2] Furthermore, as stated by NIST, "addressing the people factor is key to ensuring an adequate and appropriate level of IT security within an organization, large or small." [3]

    Why network security training awareness is worth it: A security-aware culture is essential to respond to the increasing number of network security alerts. It empowers each computer user with the knowledge of his or her role in protecting the organization’s network. It has proven to be a cost-effective method to mitigate network security risks. Furthermore, it reinforces network security policies and procedures.

    Network security awareness training has proven to be one of the best methods to address security issues. It provides network system users with updated information on security best practices. It makes users aware of how to protect computer systems and data as well as prevent and detect network security vulnerabilities.

    The training may be geared towards network users, but it is worth the time of every computer employee and manager. The training is not a waste of time. People tend to learn a lot from the training as it provides the information relevant to the users' use and behavior of computers on networks.

    For those of you interested in implementing a security awareness training program, here are some useful sources:

    Otherwise, you may be interested in seeking the help from Security Awareness Company (SAC) that is available to help promote Security Awareness.

    Advice: For a network security program to be effective, awareness training must done annually to make certain users are aware of the latest security threats, attacks, and incidents.

  • slide 2 of 6

    Network Security Training Awareness: Cases and Statistics

    For several years now, there have been reported cases and statistics on network security issues. There is a history of malicious activities, behaviors, and events that have affected millions of computer users and networks. The article, "The History behind Network Security," covers many of the significant events that have happened over the past forty years.

    The article "Computer and Network Security Research" states there is still today a lack of training in network security awareness. An InformationWeek Analytics Strategic Security Survey (see image section) confirms this information is true. Training is the answer to overcoming security issues. Every computer user should attend some type of security awareness training and be familiar with security policies and standards (as well as laws). In addition to training, it is also a good idea to stay current with security-related events, cases and statistics. For more information, see:

  • slide 3 of 6

    Images by Native Intelligence, Inc. and InformationWeek

    Security Awareness: A Sound Business StrategyInformationWeek Analytics Research (2009/2010)
  • slide 5 of 6

    Resource Section

    [1] Cisco:

    [2] NIST (Special Publication 800-16):

    [3] NIST:

  • slide 6 of 6

    Reference Section

    SANS (Security Awareness Tip of The Day):

    InfoSecurityLab (Security Awareness Products and Solutions):

    Native Intelligence (Why Awareness Is Important):