Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecuritySecurity & Business ResilienceSecurity Education & Training

The first line of defense: Why employees are the key to stronger cybersecurity

By Dan Callahan
enterprise wide cybersecurity training
January 21, 2021

“Don’t click there. Don’t do that.” Employees know the drill. Cybersecurity teams hope these warnings will keep employees from doing something that will put the organization at risk. And, rightfully so. Research conducted in 2016 showed that 91% of cyber-attacks start with a phishing email. The number of insider threat incidents has also increased – by 47% over the last two years. Whether there is malicious intent or not, statistics like these are why security teams view their employees as a gateway for hackers to infiltrate the network.

In 2020, enterprises have undergone enormous change. Many employees now work from homes spread out around the globe. The pandemic has created a fundamental shift in how workers connect to their company networks, use their company-issued devices, and complete their tasks.

With all of these additional distractions, ensuring your teams are cyber aware is more critical than ever before. Will they be as diligent and cautious in the comfort of their own home? Will the vast increase in access points give attackers another advantage in this never-ending chess match?

With all these changes, it’s time for a new approach to cybersecurity awareness training.

Here are four ways to create training that positions employees as the first line of defense:

Empower your teams

You’ve made the technology investments to make breaching the organization through traditional IT methods complex and challenging. So, cyber criminals may take a different route – hoping an employee will make a mistake.

Show employees that attackers aren’t just throwing darts at the wall, but they’re specifically targeting certain employees for certain reasons. Based on each person’s role, have them think about what they have access to? What things they may be saying publicly, perhaps on social media, that could be used against them or the company? How could that access be beneficial to a hacker? As an individual, an employee can make an enormous impact on an organization – both positively and negatively – when it comes to cybersecurity. No one wants to be the weakest link. Empower everyone within the enterprise to view themselves as the armor on the perimeter that can stop attacks before they start.

Provide insight on the adversary

Many current cybersecurity awareness training programs tell employees about the warning signs to watch out for. But for this training to resonate, employees need to understand why these attacks are occurring in the first place. What are attackers trying to do? How are they trying to do it? Take them inside the mind of the adversary. Show them the research, reconnaissance and how campaigns are designed and customized for an individual employee – using their emotions and behaviors against them. When your teams see the details from the attacker’s vantage point, they have a stronger grasp of the situation and are more well-positioned to discover these tactics when the attack attempts occur.

Make it real

Training must be relevant to each employee’s role and each company’s industry. How do you translate the impact of a cybersecurity breach to workers within a manufacturing factory or power plant? Make it real. IT and OT (operational technology) environments are more digitally connected than ever. While that has many benefits for production and efficiency, if a breach happens on the IT side, that connectivity means an attacker can pivot laterally – shutting down systems, causing physical damage and impacting people and communities at large. To show employees the impacts of this converged risk, speak their language. Ensuring physical safety means ensuring cyber safety. What should workers be aware of? What does a potential breach or hacking attempt look like – in the world of OT?

Create a cyber-aware culture

From the top down, leadership must speak about the importance of cybersecurity – not just during cybersecurity awareness month, but year-round. Creating a culture that champions good cyber-hygiene and prioritizing it within every new technology implementation or business transformation will resonate with employees. Leading by example with a progressive approach to training can earn buy-in from the organization more effectively.

The training that instills fear (bad things can happen, so don’t click here and don’t do that) does not resonate. It’s time for security leaders to translate the risk of a cyberattack into normal terms. Risk is around us all the time, but employees who are situationally aware will always have cyber safety in the back of their minds. Focus on culture, applicability, education, and empowerment.

 

KEYWORDS: cyber security cyber security awareness cyber security initiatives cybersecurity training

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Dan Callahan is Cybersecurity Training Director at Capgemini North America.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Cybersecurity
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cybersecurity
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Logical Security
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

Security’s Top 5 – 2024 Year in Review

Security’s Top 5 – 2024 Year in Review

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • code-enews

    Don't Shift Left, Start Left: Why Developers Should Be the First Line of Defense

    See More
  • rackspace-wargames

    Moving to a State of Resiliency: Why War Games Are the Key

    See More
  • Understanding the Distinct and Dependent Roles of Data, Privacy and Cybersecurity Professionals

    Liberating network management: Your first line of cyber defense

    See More

Related Products

See More Products
  • facility manager.jpg

    The Facility Manager's Guide to Safety and Security

  • The-Complete-Guide-to-Physi.gif

    The Complete Guide to Physical Security

  • databasehacker

    The Database Hacker's Handboo

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!