[Watch Now] Security Awareness - The Human Firewall
In the webinar below (Jul 11th 2024), Tomislav Vuk explores both the importance and the pitfalls in building a security awareness program. Tomislav is a cybersecurity consultant with extensive experience in designing and implementing security awareness trainings. Discover why the future of cybersecurity is about building a resilient human firewall within the organizations.
Note: webinar recording in Croatian language
The webinar slides, plus a few texts and books recommended by Tomislav:
The main mechanism by which threat actors keep breaching organizations remains phishing and social engineering techniques. This is confirmed again and again in analysis of successful attacks, and is consistently found by research (for example, see Verizon's Data Breach Investigation Report).
Of course, these techniques are easier to implement if there are no technical measures such as multi-factor authentication or antimalware. Nevertheless, technical measures and protection technology have advanced to the point that software and operating systems are now more resistant to trivial attacks and the delivery of malicious code.
Yet, precisely because of this, the future guarantees that attackers will rely more and more on the weaknesses and unpreparedness of employees in order to bypass the now improved technical protection measures. New technology such as generative AI is bound to improve both the quality and scalability of phishing attacks.
Strengthening the capacity of employees to resist cyberattacks therefore becomes perhaps the most important segment of cybersecurity. Security awareness is not a one-time education but an integral part of a continuous process or service delivery. If more than 80% of attacks are initiated by social engineering, as research suggests, then the smartest investment is precisely in permanently strengthening the organization's resilience against phishing and related attacks.
