Security Awareness Training Reflection

Paper As we all know, in the digital era, the data that we store online should be secured because
these data are prone to cybersecurity threats if we didn’t secure those data enough. Based on
the three articles that I read, I have learned that there are many articles about it that similarly
teaches people on how to teach people security awareness effectively most especially, to
remote workers. The common advice that we hear or read online are do not click on strange
links, use strong passwords, etc. But since cyberattacks are still happening, those advice does
not always work that way. Since remote work is a thing in today’s world, it is important for
remote workers to keep digital assets and data safe because they are the cybersecurity expert
of their own home offices since they use their own computer to get the job done conveniently.
To make it possible, it is important for remote workers to learn how to use easy-to-use tools for
security awareness because these tools are useful in preventing cyber threats to
happen and it is also important for them to know exactly the right person to ask for questions
about cybersecurity to secure the environment of people who use either hybrid or remote
setup. I also have learned that security awareness training could be boring for many people
despite that it offers good reason for them to learn it annually. To make it effective and
interesting, it is suggested that the objective or the goal of security awareness should not be
just to check the box because it will be better if they will encourage the employees to see the
importance or value of security, to develop their own curiosity to learn more about security
awareness, and to have or feel a sense of ownership and empowerment to do the right thing. In
fact, cybercriminals have shifted from complex, time-consuming technical exploits to ruthlessly
target end-users through email, social media, etc. The essentials that are needed in security
awareness program are identify risk. Identifying risk is very important because it involves both
the vulnerabilities of the end-user and the incoming threats that can target a certain
organization or employee in general. The risk can be identified by assessing general
cybersecurity knowledge, by gauging the vulnerability of the user to specific phishing websites,
and by using threat intelligence to determine the methods that the attackers are using and to
determine their target in their attack. Aside from that, it is important for employees to have
knowledge of the actions and behaviors that can help improve their cyber hygiene whether they
are at work or at home because it can help build a security culture, which can make users have
the same purpose. Therefore, using these essentials in our advantage.