Here at InfoSec Institute, we get pretty excited about events like National Cyber Security Awareness Month (NCSAM) and European Cyber Security Month (ECSM). Cybersecurity is our lifestyle, and Cyber Security Awareness Month is our opportunity to help you motivate your employees to care about security at your organization.
If you’re like most cybersecurity pros we know, the security awareness training manager hat is just one of many hanging in your server room. While you’ve been busy patching vulnerabilities and monitoring your networks, we’ve built out a series of free resources to help you kick off Cybersecurity Awareness Month like you’ve been planning for it all year.
The best part? We’ve released enough free resources to help you promote secure workplace habits all month long. Follow our roadmap to boost your employees’ security awareness in October and beyond.
Step 1: Warn End Users About Threats Lurking in Their Inboxes
Phishing: The security threat that just keeps swimming. Our new Marine Lowlife poster series will warn your users about the tactics hackers use to steal protected information over email. Every poster is short and to-the-point to keep messaging effective.
Hang a new poster in common areas every week to boost employee security awareness in a fun, digestible way. Posters include:
- Marine Lowlife: Swimming in Email?
- Common Phish (Moneywirus nigerius)
- Whaling Shark (Authoritium falsificus)
- Spearphish (Identificus antargetum)
- Clone Phish (Xeroxus imitatium)
Step 2: Share Actionable Ways to Keep Data Secure
Our five new infographics are like cybersecurity SparkNotes for your employees. They cover need-to-know awareness topics like business email compromise (BEC) to reinforce messages from your existing awareness training program.
- Spam or Phishing Email?: Teach your users the key differences between spam emails and phishing attacks
- How to Recognize a Malicious Attachment: Prevent your users from downloading malicious attachments with this new guide
- End User’s Guide to a Clean Inbox: This tip sheet shares nine actionable ways your users can keep spam out of their inboxes
- Common Phishing Attack Types: Teach your users how to avoid these six common phishing scams
- 9 BEC Attack Red Flags: Increase end-user awareness of these nine common BEC-attack red flags
Step 3: Invest in Yourself
As an infosec pro, you already know the value of continuing education. These three webinars share best practices and tips from tenured security awareness training professionals. Apply their techniques to your own program to boost results and make awareness training messages stick.
Selling Security Sizzle: Marketing Tips for Training & Awareness
Lisa Plaggemier, security education guru, will share proven persuasion techniques to help you “sell” employees on awareness training and ultimately influence security behaviors.
5 Steps to Preventing Ransomware Attacks With a Cyber-Aware Staff
Join Pete Just, CTO of Metro School District of Wayne Township, to learn how his five-step security awareness program boosts staff awareness and helps his district stay ransomware free. Register today for this District Administration webinar on October 5.
After Awareness: Mobilizing Your Human Firewall With PhishNotify
Join Zach Luze, CISSP, CISA and CISO at Tennessee State University, to learn how he uses the PhishNotify email reporting tool to increase awareness and stay ahead of email-based security threats at the college.
Step 4: Add Another Layer to Your Security Strategy With SecurityIQ
If you’re not already a SecurityIQ client, we’d love to show you how our multi-layered approach to security awareness education will help you deliver the right training to the right employees at the right time. With 1000s of phishing simulations and 100s of awareness training modules, we make it easy for you to keep employee security awareness training relevant, fresh and fun.