Security Awareness
Cybersecurity Forensics Lesson 5.6.2
Anomalous Behavior Recognition
• The knowledge and ability to recognize unusual behavior that might signal a security threat
• Things to look for:
• Abnormal system activities
• Login patterns
• Data access
• Requires an environment where employees feel safe and inspired to share any suspicious behavior
Cultivating Awareness
• Staff should be knowledgeable and able to recognize behaviors associated with risks:
• Unexpected
• Unintentional
• Risky
• Create clear guidelines on acceptable use policies.
• Have ongoing, interactive learning on data handling, security, and safe browsing policies.
User Guidance and Training
• Develop engaging and comprehensive security handbooks to outline policies and procedures and ensure they are fully accessible to employees.
• Promote situational awareness regarding evolving security threats and current trends.
• Educate employees on insider threats: not all threats come from outside sources; some come from employees within the organization. Use the “if you see something, say something” philosophy.
Key Topics to Outline
• Strong password management practices, including training on creating strong passwords and introducing multi-factor authentication.
• Note risks associated with removable media and cables, particularly the use of unauthorized media, and integrate this into regular security checks.
• Include training on social engineering tactics through engaging simulations or sharing real-world examples.
• Build operational security, such as communications and data handling practices, into daily activities.
• Be aware of how these topics can be covered not just for local employees, but for hybrid/remote workers as well.
Reporting and Monitoring
• Set up mechanisms for reporting and monitoring security incidents that can be streamlined and that ensure swift and accurate handling of concerns.
• Conduct intensive analysis and reviews of security logs to identify concerns.
Development and Execution
• Implement security awareness seamlessly throughout the entire employee lifecycle by:
• Integrating security into the employee onboarding process.
• Reinforcing awareness through regular training to create a continuous learning environment.
• Developing dynamic programs that correspond with the ever-changing landscape of cybersecurity.
• Providing continuous education, clear policies, and proactive monitoring can contribute to a resilient security environment.