Worth It or Waste of Time: The Effect of Awareness Training on Network Security

Worth It or Waste of Time: The Effect of Awareness Training on Network Security
Page content

Network Security Training Awareness: Why It Is Worth It

“Security Awareness Is a Vital Defense.” [1] Technology solutions, security policies, and operational procedures alone can not protect computer users from the various network security issues: attacks, incidents, and breaches in security. User awareness by way of training has what it takes to raise critical security awareness issues.

These days, computer users are receiving the training they need to recognize and prevent emerging threats and risks with network security awareness training. “Awareness is not training. The purpose of awareness presentations is simply to focus attention on security. Awareness presentations are intended to allow individuals to recognize IT security concerns and respond accordingly." [2] Furthermore, as stated by NIST, “addressing the people factor is key to ensuring an adequate and appropriate level of IT security within an organization, large or small.” [3]

Why network security training awareness is worth it: A security-aware culture is essential to respond to the increasing number of network security alerts. It empowers each computer user with the knowledge of his or her role in protecting the organization’s network. It has proven to be a cost-effective method to mitigate network security risks. Furthermore, it reinforces network security policies and procedures.

Network security awareness training has proven to be one of the best methods to address security issues. It provides network system users with updated information on security best practices. It makes users aware of how to protect computer systems and data as well as prevent and detect network security vulnerabilities.

The training may be geared towards network users, but it is worth the time of every computer employee and manager. The training is not a waste of time. People tend to learn a lot from the training as it provides the information relevant to the users’ use and behavior of computers on networks.

For those of you interested in implementing a security awareness training program, here are some useful sources:

Otherwise, you may be interested in seeking the help from Security Awareness Company (SAC) that is available to help promote Security Awareness.

Advice: For a network security program to be effective, awareness training must done annually to make certain users are aware of the latest security threats, attacks, and incidents.

Network Security Training Awareness: Cases and Statistics

For several years now, there have been reported cases and statistics on network security issues. There is a history of malicious activities, behaviors, and events that have affected millions of computer users and networks. The article, “The History behind Network Security,” covers many of the significant events that have happened over the past forty years.

The article “Computer and Network Security Research” states there is still today a lack of training in network security awareness. An InformationWeek Analytics Strategic Security Survey (see image section) confirms this information is true. Training is the answer to overcoming security issues. Every computer user should attend some type of security awareness training and be familiar with security policies and standards (as well as laws). In addition to training, it is also a good idea to stay current with security-related events, cases and statistics. For more information, see: https://www.mysecurityiq.org/stats.html.

Images by Native Intelligence, Inc. and InformationWeek

InformationWeek Analytics Research (2009/2010)

Security Basics - User Awareness

Communicating a Security Awareness Training Policy

Ideas to Promote Information Security Awareness

Resource Section

[1] Cisco: https://www.cisco.com/web/about/security/intelligence/mysdn-social-engineering.html

[2] NIST (Special Publication 800-16): https://csrc.nist.gov/publications/nistpubs/800-16/800-16.pdf

[3] NIST: https://www.itl.nist.gov/lab/bulletns/bltnoct03.htm

Reference Section

SANS (Security Awareness Tip of The Day): https://www.sans.org/tip_of_the_day.php

InfoSecurityLab (Security Awareness Products and Solutions): https://www.infosecuritylab.com/

**Native Intelligence (****Why Awareness Is Important):**https://www.nativeintelligence.com/ni-programs/whyaware.asp