Security awareness training has traditionally focused on basic phishing defense and password hygiene, but are these topics still the most relevant?
Key Topics for 2025 to Combat Modern Threats
Key Topics for 2025 to Combat Modern Threats
Reinventing Security Awareness: Key Focus for 2025
- Thread starter precious
- Start date
With phishing being the #1 attack vector, it definitely commands priority attention.
With passwords being the primary means of users authenticating into almost every portal, it commands that same level of attention as phishing.
I'd modify the wording of your question a little bit because "the most relevant" is not a very definitive reference. Now, if "the most relevant" were replaced with something like "in the top five", now that narrows things down considerably. In other words, I've got somewhat of a metric attached to the question.
Those questions like, "Who is the best football player in the NFL?" If that's the complete question, that's too vague, too broad! Biases and prejudices (subjective) are probably going to dominate the responses, rather than objective replies. If the question is rephrased, "Who is the best football player, in terms of total number of receptions?", now I've got a metric attached to the query, and that eliminates any subjectivity, because FACTS can't be disputed!!!!!
Whew! My short answer is up there somewhere toward the beginning of this sermon
Thank you so much for your insightful reply....Phishing and passwords stay in the 'top 5' hall of fame! Appreciate the sermon; I'll take the metrics to heart.With phishing being the #1 attack vector, it definitely commands priority attention.
With passwords being the primary means of users authenticating into almost every portal, it commands that same level of attention as phishing.
I'd modify the wording of your question a little bit because "the most relevant" is not a very definitive reference. Now, if "the most relevant" were replaced with something like "in the top five", now that narrows things down considerably. In other words, I've got somewhat of a metric attached to the question.
Those questions like, "Who is the best football player in the NFL?" If that's the complete question, that's too vague, too broad! Biases and prejudices (subjective) are probably going to dominate the responses, rather than objective replies. If the question is rephrased, "Who is the best football player, in terms of total number of receptions?", now I've got a metric attached to the query, and that eliminates any subjectivity, because FACTS can't be disputed!!!!!
Whew! My short answer is up there somewhere toward the beginning of this sermon
Oh, I think security awareness is far more than phishing and passwords. And I'm not so sure they are even in the top five anymore.
Identity Protection is probably the most massive requirement now. Ransomware...malware protection, multi-factor authentication to replace those feeble passwords, are regularly part of security briefings and trainings now.
Identity Protection is probably the most massive requirement now. Ransomware...malware protection, multi-factor authentication to replace those feeble passwords, are regularly part of security briefings and trainings now.
The focus is now on identity protection, MFA, and endpoint security, especially with the rise of ransomware and cloud environments.