Extract

Chapter 3: Raise Awareness About Cyber Attacks

You might not be able to give every member of your staff a taste of “a day in the life of a security engineer”, but for those that you can’t, education is a powerful weapon that will reduce your SOC’s workload. Increase the conversations in your workplace that concern security with more than just occasional “Security awareness” seminars (although don’t forget to run those, too!). Increasing awareness creates more vigilant staff, and more vigilance means less chance of attacks ever getting past your weakest line of defense: the people on your network. That, in turn, will help lessen the burden on your SOC or IT security team.

With phishing and spear-phishing campaigns the primary vector of credential theft, consider running regular phishing awareness and phishing simulation campaigns on your staff to make them aware of just how convincing phishing attacks can be.

On top of that, if you’re not employing some kind of media or device control on your endpoints, raise awareness about the dangers of infected USBs and just how easy it is for employees to unwittingly compromise the firm’s security. You could even consider replicating the famous USB key dropping test carried out at the University of Illinois. Social engineering keys are the easiest to create as they use simple HTML files and phish users for credentials.

The point is try to think creatively about how to engage staff with security issues that intersect with their everyday work and practices. Whether it’s the folk in Marketing and Sales, Finance and Accounting, or R&D and Engineering, cybersecurity comes into contact with them all. However you do it, aim to integrate all your staff as “security partners” and avoid isolating your IT team. If your security team is hiding away under the stairs or in a small back office, you’re insulating your staff and the knowledge they hold not just from each other but also from the security issues that face your entire business.