Network Trace
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

03) Do employees receive an information security and data protection training programme?

August 30, 2022
HR Security

Answer yes if your organisation runs an information security and data protection training programme for all of your employees. Please outline the nature and frequency of the training programme in the notes section, including any additional training provided to staff with greater responsibility or more privileged system access.

A large number of cyber security attacks involve the manipulation or tricking of your employees into doing an action that compromises your company’s security controls – this is called social engineering.

It is important to train your employees on security good practice and to help them spot and report attacks when they recognise them. Training should include information on the process for reporting an incident within the company and this information should be continuously reinforced using a security awareness programme.

How to implement the control

There are a number of security training providers online who offer products and services to train your employees to spot and report cyber security incidents.

Examples include Immersive Labs and Bob’s Business.

If you would like to contribute to this article or provide feedback, please email Contributors will be recognised on our contributors page.

Pattern Trapezoid Mesh

Defend against supply chain attacks with Defend-As-One.

No organisation is an island.