Adrian Johnson
TLDR:
Key Points:
- Security awareness training is essential for organizations to combat cyber threats.
- Threat intelligence can make security training more impactful by providing real-world examples and personalized narratives.
In the article “Making security awareness training impactful using threat intelligence,” Matt Sparrow discusses the importance of incorporating threat intelligence into security awareness training to make it more effective. While many organizations conduct security awareness training, the level of commitment and impact varies. Some see it as a compliance requirement, while others may bombard employees with generic information during Cyber Security Awareness month.
Sparrow highlights the importance of discussing risks and engaging employees in the topic of cybersecurity to increase their response to threats. Despite efforts, employees still fall victim to attacks like phishing and phone scams, indicating a need for a different approach.
The article emphasizes the power of threat intelligence in making security training more engaging and relatable. By using real-world examples and personalized narratives, organizations can help employees understand the value of their information and the tactics used by attackers. Sparrow explains the difference between operational threat intelligence, which helps defend networks, and traditional threat intelligence, which focuses on post-mortem analysis of attacks.
Furthermore, the article delves into how organizations can leverage threat intelligence to personalize training for different departments within the company. Sparrow provides examples of valuable information held by departments such as Human Resources, Marketing, Legal, Research and Development, and Security and Operations. By integrating threat intelligence into training, organizations can create a more engaging and impactful learning experience for employees.
Overall, the article underscores the importance of making security awareness training more personalized and relevant to employees by incorporating threat intelligence. By adopting this approach, organizations can improve their cybersecurity posture and better prepare employees to identify and respond to threats.
