Keeping Content Fresh: 4 Best Practices for Relevant Threat-Driven Security Awareness

The menace panorama strikes quick. As new assault strategies and social engineering strategies seem, organizations want to keep up safety consciousness packages which are related, agile and centered. Analysis from Proofpoint for the 2024 State of the Phish report discovered that almost all companies used real-world menace intelligence to form their safety consciousness packages in 2023. That makes us joyful! 

At Proofpoint, we all know it’s important to make use of threats and tendencies from the wild to show your workers about assaults they may encounter. It’s equally necessary to make sure that your program isn’t instructing them about safety subjects which are not related.  

On this article, we focus on 4 important finest practices to assist preserve your safety consciousness and coaching content material each contemporary and threat-driven:  

1. Analyze actual menace tendencies to remain present and related 
2. Use real-world threats to tell your testing and coaching  
3. Refresh your coaching plan in order that it’s related and correct 
4. Be sure that safety practitioners keep on prime of content material adjustments 

The human-centric threat of not preserving it contemporary 

Let’s first discuss what occurs if you use outdated menace content material to coach your workers. The outcomes can create vital human-centric threat for your corporation as a result of your workers may strategy safety with unsafe conduct equivalent to:  

• Having a false sense of safety about their data. Folks may consider they’re effectively ready to establish and reply to threats, resulting in actions based mostly on incorrect assumptions. 
• Not responding successfully to focused threats. Folks may make selections based mostly on incorrect assumptions, growing the opportunity of profitable assaults particular to their position or business. 
• Incorrectly reporting a safety incident. Outdated coaching content material might give incorrect procedures for reporting and responding to safety incidents. 
• Being noncompliant with business laws. Outdated content material may not match the required compliance coaching, exposing your organization to potential authorized and monetary penalties. 
• Being unengaged in your safety tradition. If workers understand safety training as outdated or irrelevant, they may see safety duty as a waste of their time.   

Now, let’s discuss our 4 finest practices to assist be certain that none of this occurs. 

1: Analyze actual menace tendencies to remain present and related 

Informing your program with menace intelligence is a should. Actual-world insights will assist your workers perceive the scope and impression of the threats they could face. It would additionally allow your safety groups to tailor their coaching and messaging accordingly.  

To make use of menace intelligence successfully, safety consciousness practitioners should work collaboratively throughout their organizations. You wish to perceive the assault tendencies that the safety practitioners who monitor, analyze and examine cyber threats see in actual time. These practitioners may be your incident response group or your safety operations middle (SOC) group.  

At Proofpoint, we’re dedicated to staying on prime of the newest threats and passing this data to prospects. The Proofpoint Safety Consciousness answer is constructed on insights that we collect from analyzing over 2.6 billion emails day by day, monitoring 430+ million domains and monitoring lots of of menace teams to remain forward of attackers. We do that by collaborating with our in-house Menace Intelligence Providers group and utilizing their insights in our built-in menace platform, which ties e mail monitoring and remediation to human threat detection and training.  

Current insights from real-world tendencies embody:  

• Phone-oriented assault supply (TOAD). Within the 2024 State of the Phish, we reported that TOAD assaults stay prevalent. Proofpoint researchers noticed a mean of 10 million TOAD messages despatched each month in 2023, and over 13 million TOAD assaults at their peak in August 2023. 
• QR code phishing. In current months, our analysis group has seen a rise in attackers utilizing malicious QR codes as a substitute for hyperlinks and attachments. This method is especially harmful as a result of it presents a well-recognized format in an unfamiliar phishing context.  
• Generative synthetic intelligence (GenAI) scams. We see GenAI strategies equivalent to deepfakes and conversational scams on the rise. Attackers can use AI fashions to create extremely convincing message-based assaults, equivalent to personalizing for particular person recipients and translating fluently into many languages.  

2: Use real-world threats to tell your testing and coaching  

As folks develop into extra refined at detecting phishing (and all its variations), attackers discover new methods to embed malicious content material. That’s the reason it’s crucial for safety practitioners to remodel real-world threats into related coaching and consciousness initiatives.  

By coaching workers on detect and reply to the newest threats, you possibly can strengthen your general safety defenses. Contemplate strategies equivalent to real-world testing with menace simulation, participating bite-sized coaching about trending subjects and well timed communication to workers a couple of current assault. As an example, you could possibly: 

• Run QR code phishing simulations for payroll and finance groups to clarify the real-world development of malicious QR codes 
• Present coaching movies to warehouse workers on the much less widespread however nonetheless evergreen malicious USB drop  
• Ship company-wide emails and distribute screensavers about being vigilant with telephone calls, each at residence and work, on account of AI-generated conversational scams 

Proofpoint Safety Consciousness strengthens the necessary connection between training and threats by repeatedly releasing new threat-driven content material. This consists of Menace Alerts, that are weekly information bulletins centered on a particular assault recognized by our menace analysts or collected by means of open-source analysis. We additionally launch month-to-month Assault Spotlights, which forged a wider lens on a selected menace assault that’s world in nature and rising in prevalence or anticipated to development quickly. 

3: Refresh your coaching plan in order that it’s related and correct 

Thus far on this submit, we now have centered on the significance of incorporating related menace tendencies and real-world threats into safety coaching. However including extra content material to deal with rising threats is just one a part of an efficient plan. Contemporary content material and common updates additionally preserve cybersecurity prime of thoughts together with your customers and assist to advertise a proactive safety tradition.  

When refreshing your coaching plan, get again to the fundamentals and contemplate these 5 elements: 

1. Who must be educated? For instance, are assist desk workers educated on the newest techniques used to entry accounts? Is your finance group conscious of how attackers use GenAI to enhance messaging in enterprise e mail compromise (BEC) scams? 
2. What do you have to practice on? As an example, are there business laws that sure roles should be educated on? Has there been a safety incident or menace development that individuals ought to concentrate on? Is the aim of the coaching related for all or a few of your learners?  
3. The place are you operating your initiatives? Are you all the time operating coaching on-line or in particular person? If that’s the case, are you able to inform if that has been efficient? What channels do you utilize to ship the messaging to your workers? Do your customers discover? 
4. When are you operating your initiatives? Do you solely run coaching yearly? If that’s the case, you may contemplate extra frequent coaching to assist be certain that you ship well timed data on the newest in threats. 
5. How are you updating the content material? Are your learners watching the identical content material every year? Does your phishing coaching require a refresh in recommendation and steering? A earlier customary was to level out crimson flags equivalent to poor grammar and spelling. Nevertheless, emails written with GenAI can now simply keep away from these errors.    

In Proofpoint Safety Consciousness, we usually evaluation, replace and take away content material as wanted. As an example, we lately eliminated COVID-19 materials on account of its decreased relevance. We additionally up to date our GDPR content material to replicate current adjustments.  

Once we evaluation our content material, we pay shut consideration to range, fairness and inclusion in the best way that subjects are formed and characters are designed. We take a look at our content material for accessibility to make sure it may be utilized by federal, state and native governments.  

We have a look at this refresh as help for our continued improvement to streamline the work of safety practitioners. And that leads us to our last finest observe! 

4: Guarantee safety practitioners keep on prime of content material adjustments 

We hear you: Safety practitioners juggle plenty of guide work for content material administration. It’s necessary to attenuate the time and sources required to construct and develop your consciousness program. Typically, this implies utilizing instruments that streamline your content material workflow with built-in processes and automation. 

In Proofpoint Safety Consciousness, we repeatedly streamline our Content material Library and enhance its options. Current updates embody:  

• Integrating a central content material repository. Our phishing templates, coaching modules and consciousness materials share a single pane of glass, so you possibly can shortly develop and deploy a phishing simulation marketing campaign and follow-up coaching. 
• Increasing the filters for a streamlined expertise. Now, you possibly can extra simply discover, view and entry content material, like looking out throughout standards like domains, assignments, simulations, materials and languages. 
• Offering a go-to place for viewing content material updates. The revamped Useful resource Heart has a bit devoted to what’s new in Content material & Menace Alerts, equivalent to threats detected by our analysis group and newly launched content material items. 
• Making it simpler to see content material adjustments. For instance, new visibility buttons present whether or not Proofpoint content material will probably be retired or will attain finish of help (EOS).  

Decrease your human safety threat with Proofpoint 

• For safety training to drive steady enchancment, you should preserve your content material related and reflective of present safety menace tendencies. It’s simply as necessary to maintain a contemporary and versatile strategy to the way you produce and ship that content material to your customers. 
• Publicity to related threat-driven content material helps domesticate a security-conscious tradition in your group. Within the occasion of a safety incident, workers educated on the newest threats will probably be higher ready to reply—and achieve this shortly. Coaching plans and content material can present the data, abilities and procedures for folks to deal with potential dangers and their very own vulnerabilities extra successfully. 
• At Proofpoint, our aim is to all the time assist workers view cybersecurity as a shared duty and to assist safety practitioners decrease the human threat to their group. 
• You possibly can view samples of our safety consciousness content material right here.