Employees need training when it comes to recognizing potential cyber threats. They should be on notice that, no matter their position within an organization, they too are responsible for doing their part in maintaining security standards and following proper reporting protocols. Consider this real-life example. An organization in Scotland is suing an employee for failing to spot a CEO spoofing scam, but the employee claims she never received any real training in how to recognize fraudulent emails.1 Though the employee appears to have acknowledged a brief warning, this case demonstrates the need for organizations to clearly and consistently set expectations when it comes to cyber training and awareness.
Read Full Article