cover of episode Are Security Awareness Training Platforms Effective?

Are Security Awareness Training Platforms Effective?

2024/11/21
logo of podcast Defense in Depth

Defense in Depth
AI Deep Dive AI Chapters Transcript
People
C
Carl J
D
Dan Walsh
D
David Spark
创始人和执行制作人,主持人,专注于网络安全媒体网络和播客的制作和主持。
D
David Volkov
D
Debra
K
Kevin Walker
S
Sam Overholt
S
Sharon Milz
T
Tim Golden
Topics
David Spark 认为安全意识培训项目的效果存在争议,点击率的降低并不一定代表安全性的提升。Dan Walsh 认为降低点击率很重要,但其他潜在的安全问题也可能导致安全漏洞。Sharon Milz 认为安全意识培训的目标应区分合规性检查和文化改变,并需要根据不同部门的需求进行定制。Sam Overholt 强调任何培训都比没有好,但安全意识培训需要正确的人员来推动和执行。David Volkov 认为安全意识培训效果不佳,沦为价格竞争。Debra 认为有针对性的培训仍然有益,例如钓鱼预防和密码管理。Kevin Walker 认为安全意识培训是整体安全策略的一部分,而非万能的解决方案。Tim Golden 认为培训公司需要聘请了解学习者学习方式的专业人员。Carl J 认为有效的钓鱼意识培训需要涵盖所有渠道、关注最新趋势和提供客观的衡量指标。

Deep Dive

Chapters
The discussion begins with skepticism about the effectiveness of security awareness training programs and explores the role of culture versus compliance in these programs.
  • Security awareness is a key part of any security program.
  • There is debate on how to measure the success of training programs.
  • Compliance and culture are two different aspects of security awareness training.

Shownotes Transcript

All links and images for this episode can be found on CISO Series).

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark) (@dspark)), the producer of CISO Series), and Dan Walsh), CISO, Paxos). Joining us is Sharon Milz), CISO, Time). In this episode:

A vicious cycle Not all training is created equal Don’t forget the human factor We can still define success

Thanks to our podcast sponsor, Intezer

Intezer’s AI-driven solution automates alert triage and investigations, cutting through the noise to highlight serious threats. By integrating with your security tools, it escalates only 4% of alerts for fast remediation, helping SOC teams focus on what matters. Learn more at intezer.com) today!