Page 3 - Cyber-Security-Awareness-Program _Methodology_eBook_InfoSight
P. 3

At InfoSight Inc., we understand that implementing a high-impact
cyber security awareness program can be a challenge. A major
problem is that annual training (or training on long-term intervals) is
really not very effective. Additionally, it takes more than training
courses alone to create a “security conscience culture” within any
organization. To add to the challenge, the cyber threat landscape is
ever increasing, and for it to be effective your security awareness
content must adapt in the proper time. Lastly, for maximum
effectiveness, testing must occur to identify gaps and adjust to your
target audience.

                                                                                The Impact of
                                                                                Social Engineering Testing
                                                                                First phish: 30-60% fall victim.
                                                                                • 6-12 months later: Low as 5%.
                                                                                • The more often the assessments,

                                                                                    the more effective the impact.
                                                                                     – Quarterly: 19%
                                                                                     – Every other month: 12%
                                                                                     – Monthly: 05%
                                                                                • Over time you will most likely have
                                                                                    to increase the difficulty of tests.

Cyber Security Awareness Program™, InfoSight Inc.  3
   1   2   3   4   5   6   7   8