Organizations hire people to do lots of things, from sales to marketing to finance. As you might expect, the job descriptions typically include various relevant skills and experiences. And although almost all employees use technology--and many will have access to sensitive business information--the job descriptions usually do not reference skills such as “strong password creator” or “expert at identifying phishing emails” or “cyber security expert.” They should.
Because in today’s world, we need employees who are “cyber situationally aware.” The more adept employees are at recognizing cyber risks—spotting phishing messages or recognizing the importance of keeping software up-to-date, for instance—the more likely they will be to protect, detect, and respond appropriately.
The burden frequently falls squarely on IT and infosec teams to create and deliver cybersecurity awareness education and training. Tensyl can help. We have experience developing comprehensive cybersecurity awareness education and training programs. We create and deliver in-person cybersecurity awareness trainings, customized to reflect our clients’ IT environment, business practices, and the latest attacker threat profiles. To supplement in-person trainings, Tensyl often recommends that our clients invest in simulated email campaign technology. These tools simulate real phishing emails with safe examples. Although Tensyl does not provide the software itself, we work closely with our clients to select, deploy, and manage this technology.