Security Awareness Training for Employees

Mimecast security awareness training for employees: getting it right

For CISOs, it's a troubling statistic: more than 90% of security breaches involve some level of human error. That means that even with the best security defenses in place, an employee's mistake can still result in a security breach that can bring an organization to its knees.

That's why security awareness training for employees is so critical, and why so many organizations have collectively poured billions of dollars into training programs. But despite this focused effort on educating employees about security threats, organizations today are even more likely to get hacked then they were just a few years ago.

At Mimecast, we think we know why: most security awareness training for employees is deadly dull. The subject of security best practices isn't terrifically interesting to start with, and if information security awareness training sessions are equally boring, employees won't engage and they won't learn.

That's why we've created something different: security awareness training for employees that uses humor and entertainment to keep employees engaged and drive home critical security lessons.

Components of Mimecast security awareness training for employees

Mimecast cybersecurity awareness training features four components that together provide a comprehensive approach to security awareness training for employees.

• Video-based training modules provide a lighthearted look at serious security topics. Each module covers one specific security topic – from ransomware, phishing and impersonation to creating strong passwords and complying with GDPR regulations. Employees get an overview of what the threat is and how it works, what they can do about it, and the consequences of careless action for the company and themselves.
• Comprehensive testing helps to regularly evaluate employees and track their progress on security awareness. Employees are tested prior to training to set a baseline on their attitudes toward security, and they're tested every six months thereafter to measure changes in their sentiment. Testing also takes place at the end of each training module to reinforce key concepts and to gauge progress on learning. Additionally, a phish testing module provides an easy-to-manage phishing simulation program that allows you to test employees' learning with realistic phishing emails.
• Personalized risk scoring for every employee enables you to see who your riskiest employees are based on testing data and predictive modeling and on an employee's position within the company (some roles and titles are more likely to be targeted by attackers).
• Targeted remediation based on risk scores lets you commit more of your limited training dollars to the employees who represent the greatest risk to organizational security. These employees may need additional training or one-on-one coaching to instill security awareness and change their behavior.

FAQs: what is employee security awareness?

What is employee security awareness?

Employee security awareness refers to an understanding by employees of the wide number of cyber threats that an organization may encounter, how employees can help to mitigate them and how a mistake can lead to a major security breach.

What is the purpose of security awareness training for employees?

Security awareness training for employees is designed to educate users on security best practices that help to avoid or stop security threats from damaging the organization.

Does Mimecast offer Office 365 security and compliance training?

Mimecast security awareness training for employees covers a wide range of security topics, many of which are highly relevant to Office 365 users. These include modules on phishing, ransomware and impersonation as well as compliance with HIPAA and GDPR regulations.