What Is Cyber Security Awareness?

Why is Cyber Security Awareness Important?

What is a Cyber Security Awareness Training?

  • General awareness about cyber threats — which explains the specific kinds of threats employees in different roles might come across, with a focus on the high-impact events like data breaches, phishing, and social engineering attacks
  • Company policy and best practices — which identifies company resources, tools, and software applications and how to incorporate these into daily work habits
  • Reporting and responses — which outlines specific legal requirements and company policies about the timing and extent of consumer and government notifications, as well as steps in response to an actual event
  • Data classification — which teaches how to handle confidential data and may also incorporate a company’s data retention policies
  • Foundational technologies and safety protocols — which provides employees with all resources they need to develop an understanding about the basic components of a security infrastructure
  • Compliance — which specifies the details and requirements for security and privacy regulatory frameworks, such as GDPR and HIPAA
  • Common sense tactics — which help all employees to protect themselves and the company from cyberattacks by providing a blueprint for staying vigilant such as maintaining good cyber hygiene through credential managing, software updates, and regular data backup and developing strong cyber resilience

Is a Cyber security Awareness Training Right for my Business?

Cyber Security Awareness FAQs

When is Cyber Security Awareness Month?

Does cyber security insurance help against phishing scams?

What is spear phishing?

What are the most common types of cyberattacks?

  • There are five main kinds of cyberattacks. These are:
  • Distributed denial of service (DDoS) — an attack to restrict a user from accessing digital resources by flooding the traffic that is used to access the resource via commands to a botnet controller; users are unable to access a server or website, as traffic to that location will be at full capacity.
  • Man in the middle — an attack in which a perpetrator positions himself in a conversation between a user and an application — such as an account holder and her banking institution — either to eavesdrop or to impersonate one of the parties, making it appear as if a normal exchange of information is under way.
  • Email attacks — attacks that are accomplished through:
  • phishing (sending bait in the form of an email that encourages people to share their details)
  • spoofing (sending an email that pretends to come from another person or organization that appears to be a legitimate email) or
  • attachments (image, document, audio or video files sent as an attachment to an email, which the recipient is encouraged to open)
  • Password attacks — attacks to crack or find a password, usually implemented via a:
  • dictionary attack (handling every password that is possible through the dictionary)
  • brute force attack (a time-consuming, trial-and-error method)
  • keylogger attack (a method that records all strokes on a keyboard)
  • shoulder surfing (observing the user’s keyboard by peeking over his shoulder) and
  • rainbow table attack (rainbow tables of precomputed hash values that attackers use to find a user’s password)
  • Malware attacks — attacks that disrupt or damage a computer or system. The three types of malware attacks involve:
  • malware (a malicious program or software)
  • a computer virus (a malicious code that replicates by copying itself to another program or document and changes how a computer works, which requires someone to knowingly or unknowingly spread the infection without the knowledge or permission of a user or system administrator) and
  • worms (standalone programs that run independently and infect systems, which may propagate through network share devices

How can one avoid cybersecurity threats using cyber awareness training?

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store