For years, most organizations have viewed security awareness training of their employees as a check-in-the-box obligation to doing business in a compliance-focused world.
But as corporations warm up to the fact that many large-scale breaches are due to end-user error, they are recognizing the need to truly change user behavior to protect data and avoid compromises that could tarnish their reputation and drain their bottom line.
In this SC Magazine Podcast, Lance Spitzner, training director at the SANS Institute, explains how organizations can use novel techniques to get the message of security across to staff.
He also touches on the benefits of rewarding good behavior. And you might be surprised by what sorts of prizes are most effective.
Think Easter.
