Reiterate Social Engineering Training Every So Often.
Not only Is training your staff against all types of social engineering attacks of the utmost Importance, but It's also absolutely crucial that they actually do In fact "remember" everything they've been told. And the most effective way to make sure this happens, Is to "hold regular meetings" and "repeat" what was discussed the previous time, whilst also convey any new developments.
For Instance, It's one thing lecturing your employees against social engineering attacks, and another thing If they actually "remember" the Information given to them. You can have a guy who's an absolute genius In all facets of SEing, Is an excellent communicator and responds to all questions & concerns effectively, however It's of very little purpose If your staff forget (what they've been taught) a week later.
We're all human and our capacity to absorb and keep the Information Intact, differs from one person to the next. Some will remember It all, whilst the memory of others Is short-lived. The latter could be the result of their learning ability, or perhaps not listening due to personal Issues. Whatever the case may be, scheduled meetings must take place quite often.
How often? Well that depends on the nature of your organization, the number of personnel and how well they adapt to absorbing the Information. As a rule of thumb, I recommend trying once every 4-6 weeks and If need be, reorganize the timing based on how well (or lack of) your employees grasp the details given to them.
Also, be sure that the person In charge, observes the behavior of your employees. Signs of looking away, yawning and chatting among themselves, Is consistent with not paying attention to the trainer. The equation Is pretty simple: "You cannot remember something that you failed to absorb to begin with".
Not only Is training your staff against all types of social engineering attacks of the utmost Importance, but It's also absolutely crucial that they actually do In fact "remember" everything they've been told. And the most effective way to make sure this happens, Is to "hold regular meetings" and "repeat" what was discussed the previous time, whilst also convey any new developments.
For Instance, It's one thing lecturing your employees against social engineering attacks, and another thing If they actually "remember" the Information given to them. You can have a guy who's an absolute genius In all facets of SEing, Is an excellent communicator and responds to all questions & concerns effectively, however It's of very little purpose If your staff forget (what they've been taught) a week later.
We're all human and our capacity to absorb and keep the Information Intact, differs from one person to the next. Some will remember It all, whilst the memory of others Is short-lived. The latter could be the result of their learning ability, or perhaps not listening due to personal Issues. Whatever the case may be, scheduled meetings must take place quite often.
How often? Well that depends on the nature of your organization, the number of personnel and how well they adapt to absorbing the Information. As a rule of thumb, I recommend trying once every 4-6 weeks and If need be, reorganize the timing based on how well (or lack of) your employees grasp the details given to them.
Also, be sure that the person In charge, observes the behavior of your employees. Signs of looking away, yawning and chatting among themselves, Is consistent with not paying attention to the trainer. The equation Is pretty simple: "You cannot remember something that you failed to absorb to begin with".