One of main sources of ICT security exposure may be the users within an institution. Users may expose the institution to risks by their behaviour whether maliciously or through bad practices or lack of understanding. Educating users is an important part of an organisation’s approach to minimising and mitigating risk so that users understand potential threats that the business could be exposed to e.g.
- Password Management
- How to stay safe online
HEAnet will provide a general security awareness training programme delivering online or face to face training. The security awareness training is aimed at Faculty staff and tailored to the needs of the Irish Education and Research sector.
Phishing simulations are a very important part of the security awareness training, as they allow institutions to assess how their staff handle phishing attacks by sending realistic phishing emails to the staff. The resulting statistics can then be used by the institution to establish a baseline security level, as well as to identify areas of improvement in terms of security awareness.