Fixing the Weak Link in the Security Fence


Unless you’ve been completely off the grid for the past few days, you’ve probably heard about the global havoc caused by the outbreak of the “WannaCry” ransomware variant. This one is particularly nasty, in that it includes some worm-like characteristics that allow it to spread across a network and infect multiple machines, not just the computer of the poor soul who clicked on the wrong link.

In this blog, we’ve written a lot about security, and quite a bit about the various options available for a multi-layer approach to ransomware protection. But let’s face it – the weak link in the security fence is the user. If you’re an IT professional, it’s part of your job to worry about security stuff. But your users have other jobs, and they often don’t think about security when they’re trying to get them done. So how do you deal with that? You can drag them all into a room once a year and make them look at a PowerPoint presentation on security, but how do you know they were actually paying attention? And is once a year enough? How do you handle new hires – do you train them individually? Do you hold monthly training for new hires? And how much of your time is all of this going to consume?

One possibility is a subscription service such as the one available from KnowBe4. Not only do they provide access to a wealth of training material, including self-study modules that employees can work through at their own pace and return to on demand for refresher training, they also allow you to set up simulated attack scenarios and see how many users actually click on the bad thing! Users who do click get immediate feedback, with pointers on what warning signs they should look for in the future. When users get bitten a few times, they’ll start being more careful about what they click on… and, after all, isn’t that what we really want? Plus you, and your upper management, can measure the effectiveness of your training program, so you see exactly what you’re getting for your investment.

Full Disclosure: I work for a technology company that resells KnowBe4 subscription services.
