Insider Threat Management

Helpful Training Tips for Minimising Insider Threat Risks

Share with your network!

If you have to run a mandatory cybersecurity training session or activity, you know you’ve got a lot of ground to cover.

You need to tell your potential insider threats (your employees and contractors):

  1. What cybersecurity policies are in place
  2. Why they’re important
  3. What it means for them
  4. How compliance is captured
  5. What happens when policies are breached

The trick isn’t knowing what to cover with a cybersecurity training, but rather how best to do it. The brutal reality is that the majority of people who attend or participate in a training don’t really want to. This is due to a variety of reasons, some of which you’ve no doubt experienced throughout your career.

Do you remember training sessions like this one?:

There is only one word to describe them: painful.

Tools like this video may check off all of the boxes in terms of covering required topics, but they miss something big – an understanding of audience. This can happen with a cybersecurity training as well, and done the wrong way, could increase the likelihood of a potential insider threat-related incident. If you can’t connect with your employees or contractors, they won’t absorb the policies and procedures you’re trying to share with them.

Lucky for you, we’ve assembled a cheat sheet containing a starter pack of helpful training tips for minimising insider threat risks in your organisation. With it, you’ll be able to not only craft a great training session, but an ongoing insider training program!

5 Tips to Improve Training and Minimising Insider Threat Risks

  1. Understand Your Audience

    When you’re looking to train folks inside your organisation (as well as key contractors), you need to understand their wants, needs, trials, and tribulations. In other words, you need to understand their motivations.Consider: How you can connect the policies and procedures you’re talking about with things that they deal with on a regular basis, while building trust and understanding?

  2. Know Your Policies, Keep Them Simple

    If you’re running a cybersecurity training session of some sort, it is assumed you know your policies. But take a step back for a moment.Are your policies easy-to-understand from a non-technical perspective? If you were down in the trenches trying to get something done while following the outlined policies, what are the challenges you might face, and how might you overcome them?

    Consider: How you might be able to balance the security needs outlined by your compliance regulations or higher-ups with the needs of your organisation at-large. Is there a way to maintain the image of staying as hands-off as possible, while safeguarding your systems and data from harm? How might you be able to communicate that to your insiders?

  3. Communicate Policy Changes Well, and Often

    The cybersecurity needs of an organisation come and go on a regular basis, which can be difficult to manage at times. Even more so, it can be confusing to the potential insider threats at your organisation.Consider: We’ve mentioned how it is helpful to understand your audience and keep policies simple, which are both keystone elements of communication, but it is also crucial to be consistent. If a policy change occurs, how might you communicate in a clear and understandable format? In addition, how might you measure success for that acknowledging and accepting that communication?

  4. Make Information Digestible and Interactive

    If you have the ability to make the cybersecurity training session interesting, take a chance and do it. Your insiders will thank you for making what is a mandatory training less dull, and more engaging. Try infusing some humor into your presentation or documentation and reap the benefits. Just please don’t do another video like this.Consider: Would you rather hear someone drone on for an hour about policy, or try to share how policy relates to what you’re personally doing day-in and day-out?

  5. Keep an Open Dialogue

    Gauging whether a cybersecurity training has been successful is a difficult thing to do, but it is mission critical.If possible, try to establish an open-door policy to come and ask questions about what is and is not included in policy, how it works, and sharing any issues faced. Your insiders will appreciate the transparency, and effort, to keep a people problem balanced towards serving PEOPLE!

    Consider: If someone is having a difficult time understanding a policy, or a process, they’re far more likely to cause an insider threat incident than someone who does. It’s really that simple.

Did you find these tips helpful? Find something that we missed? We’d love to hear from you! Feel free to tweet @Proofpoint or message us on Linkedin with your tips, tricks, and feedback.