Terranova offers training opportunities that are specifically geared toward the financial services industry. Transform your audience into security champions who apply best practices for information security awareness (ISA). Empower users by teaching them about spear phishing, malware, and endpoint attacks. Terranova partners with you in managing compliance objectives, fraud prevention, and preventing risks to reputation. Our goal is to get your entire team on board and cybersecurity-literate!
As we leap into 2018, organizations from various sectors, including the financial services industry, are looking for effective ways to meet privacy regulations and guarantee the safe-handling of sensitive information. Businesses, as dynamic entities, are making conscious decisions to ensure adaptive and technological strategies that protect the privacy of clients as well as core business data.
Likewise, CISOs are finding innovative ways to engage employees and reinforce information security awareness (ISA) within their organization. The common objective has moved past the solely technological toward more human-conscious efforts. And that is a good thing.
Still, more work needs to be done in this regard.
A recent BlackBerry Report reveals that although most financial services companies are greatly investing in data security programs, fewer are directing their attention to awareness training. The report emphasizes:
Despite the fact that the vast majority of respondents [on a total of 200] said that their firms had security policies covering unstructured data, only 35% of survey respondents reported they were certain about their business processes around collaboration and file sharing meet regulatory requirements. One third of the respondents said they were only ‘somewhat confident’ or ‘not at all confident’ about their ability to meet regulatory requirements.
This is worrisome. Employees are key actors in cybersecurity awareness. They handle sensitive information daily: for example, applying encryption mode to emails when necessary and making sure that private information is properly stored under lock and key. Overall, they represent the frontline for information security. Organizations in the financial industry need to get employees on their side to better prevent and report suspicious online activities.
As businesses put into place policies and procedures to meet regulatory compliance, they should invest time and effort in teaching these security actions to staff at all levels. What is the use in having detailed policies and procedures if employees are not understanding these responsibilities? Awareness is essentially about making sure that all users understand and work according to the organization’s information security structure. Campaigns promoting information security awareness should include permanent staff as well as partners and part-time consultants, according to the Blackberry report. The idea is that everyone is on board for success.