Community Edition
Total Tests:
This Week:
Today:
Recent Blog Posts
REvil Ransomware Operator Behind The Kaseya Supply Chain Hack Sentenced To 13 Years In Prison
May 2, 2024
Four Iranian Hackers Charged With Cyberattacks On American Firms
April 25, 2024
An Ex-Amazon Security Engineer Gets 3 Years In Jail For Hacking And Crypto Theft
April 18, 2024
Hacker Fakes His Own Death To Avoid Child Support Payments
April 11, 2024
ATM Skimming Ring Leader Sentenced To 75 Months In Prison
April 4, 2024
Stay in Touch

Get exclusive updates and invitations to our events and webinars:


Your data will stay confidential Private and Confidential

ImmuniWebInternational Media Coverage

How to keep employees happy and safe, and marry security with user experience

By Keumars Afifi-Sabet for IT Pro
Tuesday, October 17, 2023

Zero trust has become the go-to cyber security policy in the modern enterprise, moving from a buzzword to one of the foundational principles of digital transformation – a meteoric rise in just a few short years. And for good reason, given the scale of threats that emanate from inside the business – with user error among the weakest links.

How to guarantee a streamlined employee UX

There’s no good in implementing technical controls, says Dr Ilia Kolochenko, a cyber security and cyber law expert and CEO of ImmuniWeb, without adequate training. “Technical controls will bring more harm than good if implemented without proper education of end users.

“Users deserve friendly training that would convincingly explain why all these security controls – that most users may reasonably perceive rather as a hindrance – are really needed to protect their company, their colleagues, and even themselves.”

He says once they accept that such controls are needed, even more training is needed to convey how to use them efficiently. Some businesses, he warns, may be tempted to impose technocratic training – but it really pays to offer some kind of reward for engagement, such as company-wide recognition in some way.

“Security awareness is a continuous process, not an ad-hoc exercise,” he continues.” Therefore, companies really need to regularly conduct training and drills, and even organize year-long competitions, for instance, the person who spots the highest number of phishing emails will get a valuable prize, while other top 10 reporters will get some financial bonuses.

The best approach is to understand the needs of end users, he concludes, and to make sure all their requirements to use digital equipment are met. “And then,” he adds, “implement full automation for everything, while making sure that security controls cannot be bypassed or at least such attempts are detected and contained in a timely manner.” Read Full Article


Previous Media Publications:

LexisNexis Mealey’s® Litigation Report (Artificial Intelligence): Generative AI In Legal Practice: Technical And Legal Aspects To Consider

CSO: ImmuniWeb releases Mobile Neuron to scan for OWASP Mobile Top 10 vulnerabilities, iOS/Android weaknesses

This website uses cookies to provide you with a better surfing experience. To learn more, please visit our Privacy Policy. By continuing to use this website you consent to our use of cookies.

Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
Your data will stay private and confidential