Training Topics and Techniques


  • focus on responsibilities and threats that are relevant to users
  • educate users about new or emerging threats

Computer-Based Training and Gamification

  • Simulations: recreating system interfaces or using emulators so students can practice configuration tasks.
  • Branching scenarios: having students choose between options to find the best choices to solve a cybersecurity incident or configuration problem.
  • Capture the Flag (CTF)

Elements of Security Awareness Training

  • Policy/Handbooks
    • focus on familiarizing users with the organization’s policies, procedures, and guidelines
      • regarding data security, acceptable use of technology resources, data handling, and confidentiality
  • Situational Awareness
    • enhances users’ ability to recognize and respond to potential security threats or suspicious activities
    • emphasizes the importance of being vigilant, observing surroundings, and promptly reporting any unusual or problematic incidents
  • Insider Threat
    • focuses on educating users about the potential risks and signs of insider threats within an organization
    • helps individuals
      • recognize and report suspicious behavior
      • understand the impact of insider threats on data security
      • and promote a culture of trust and accountability
  • Password Management
    • guides users on
      • creating strong, unique passwords
      • avoiding password reuse
      • implementing best practices for securing and safeguarding passwords
      • the importance of regularly updating passwords
      • and using multifactor authentication
  • Removable Media and Cables
    • educates users on the risks associated with the unauthorized use, loss, or theft of removable media
    • guides users on the risks associated with malicious charging cables
  • Social Engineering
    • raises awareness about common social engineering tactics employed by attackers
    • helps recognize and avoid falling victim to these manipulative techniques
  • Operational Security
    • focuses on promoting good security practices in day-to-day operations
    • covers physical security, workstation security, data classification, secure communications, and incident reporting
  • Hybrid/Remote Work Environments
    • addresses the unique security challenges associated with working from home or outside the office
    • covers topics such as
      • secure remote access
      • secure Wi-Fi usage
      • protecting physical workspaces
      • and maintaining data security while working remotely

Phishing Campaigns

  • used as employee training mechanisms
  • involve simulated attacks to raise awareness and educate employees
  • automated process
  • recognizing phishing attempts
    • spelling and grammatical errors
    • domain name and email inconsistencies
    • unusual attachments
    • requests for personal information
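
The indicators listed above can also be checked mechanically. The following is an added example, not part of the original notes: it parses a constructed message and flags domain/email inconsistencies, unusual attachments, and requests for personal information (spelling and grammar are not checked). The brand-to-domain map, the extension list, the keyword pattern, and all addresses are assumptions made for illustration.

```python
import os
import re
from email import message_from_string
from email.utils import parseaddr

KNOWN_SENDERS = {"example bank": "example-bank.test"}    # assumed brand -> real domain
RISKY_EXT = {".exe", ".js", ".scr", ".vbs", ".lnk"}      # assumed attachment blocklist
PII_RE = re.compile(r"\b(password|social security|ssn|card number|pin)\b", re.I)

# Constructed sample message; every name and domain here is made up.
SAMPLE = """\
From: "Example Bank Support" <support@examp1e-bank.test>
Reply-To: billing@other-domain.test
Subject: Urgent: verify your account
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Please confirm your password and social security number today.
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="invoice.pdf.exe"

AAAA
--b1--
"""

def domain_of(header_value):
    """Return the lowercased domain of an address header, or '' if absent."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def phishing_indicators(raw):
    """Return the list of indicators found in a raw RFC 5322 message."""
    msg, found = message_from_string(raw), []
    display = parseaddr(msg.get("From", ""))[0].lower()
    from_dom, reply_dom = domain_of(msg.get("From")), domain_of(msg.get("Reply-To"))
    for brand, real in KNOWN_SENDERS.items():
        if brand in display and from_dom != real:        # name claims a brand, domain disagrees
            found.append("display-name/domain mismatch")
    if reply_dom and reply_dom != from_dom:              # replies go somewhere else
        found.append("reply-to domain differs from sender")
    for part in msg.walk():
        name = (part.get_filename() or "").lower()
        if name and os.path.splitext(name)[1] in RISKY_EXT:
            found.append("unusual attachment: " + name)
        elif not name and part.get_content_type() == "text/plain":
            if PII_RE.search(part.get_payload()):
                found.append("request for personal information")
    return found
```
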

Anomalous Behavior

Anomalous behavior recognition refers either to systems that automatically detect users, hosts, and services that deviate from what is expected, or to systems and training that encourage employees to report such deviations.

  • e.g.,
    • unusual network traffic
    • user account activity anomalies
    • insider threat actions
    • abnormal system events
    • and fraudulent transactions
  • Techniques utilized to identify anomalous behavior:
    • network intrusion detection
    • user behavior analytics
    • system log analysis
    • and fraud detection

Recognizing Risky Behaviors

Risky behaviors are actions or practices that threaten data security, systems, or networks.

  • e.g.,
    • unsafe online activities
      • clicking on suspicious links
      • visiting untrusted websites
      • or downloading unauthorized software
    • neglecting security measures
      • using weak passwords
      • sharing credentials
      • or ignoring software updates

Unexpected behaviors are actions that deviate from established security protocols or violate security policies.

  • e.g.,
    • unauthorized access to sensitive information
    • bypassing security controls
    • or disregarding physical security measures

Unintentional behaviors are actions taken without malicious intent that can still have detrimental consequences.

  • e.g.,
    • accidental data breaches
    • mishandling of confidential information
    • or falling victim to social engineering attacks