Chapter 5: Protecting against Common Attacks by Partnering with End Users
If people are the weakest link in an organization, and cybersecurity attacks consist of people exploiting people, it stands to reason that enabling your people to be assets to your security posture is a good thing. Traditional models of annual security awareness training are useless and obsolete. To actually train people, the training must be frequent and realistic. Also, types of training such as simulations and tabletop exercises help to ensure people know what is expected of them and what they should do to fulfill their obligations.
In this chapter, you will learn how an organization can partner with end users to help improve their security posture. You will learn how to structure employee training programs, how to make your end users active participants in the program, and how to train executive and incident response teams to work together seamlessly to execute a coherent response to a potential incident...
