WO2018070887A1 - A method for auditing the state of knowledge, skills and prudence and for motivating employees - Google Patents
A method for auditing the state of knowledge, skills and prudence and for motivating employees Download PDFInfo
- Publication number
- WO2018070887A1 WO2018070887A1 PCT/PL2016/000118 PL2016000118W WO2018070887A1 WO 2018070887 A1 WO2018070887 A1 WO 2018070887A1 PL 2016000118 W PL2016000118 W PL 2016000118W WO 2018070887 A1 WO2018070887 A1 WO 2018070887A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- employees
- security
- employee
- awareness
- auditing
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 12
- 238000012550 audit Methods 0.000 claims abstract description 27
- 239000011159 matrix material Substances 0.000 claims abstract description 16
- 230000006870 function Effects 0.000 claims abstract description 15
- 230000008450 motivation Effects 0.000 claims abstract description 8
- 238000011161 development Methods 0.000 claims abstract description 7
- 238000007726 management method Methods 0.000 claims abstract description 6
- 230000006978 adaptation Effects 0.000 claims abstract description 3
- 238000012360 testing method Methods 0.000 description 7
- 238000012549 training Methods 0.000 description 6
- 230000003993 interaction Effects 0.000 description 3
- 238000004458 analytical method Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 230000007774 longterm Effects 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- 206010037180 Psychiatric symptoms Diseases 0.000 description 1
- 230000002155 anti-virotic effect Effects 0.000 description 1
- 238000013459 approach Methods 0.000 description 1
- 238000011511 automated evaluation Methods 0.000 description 1
- 230000000903 blocking effect Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000011156 evaluation Methods 0.000 description 1
- 238000001914 filtration Methods 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000002360 preparation method Methods 0.000 description 1
- 238000004088 simulation Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/10—Office automation; Time management
- G06Q10/107—Computer-aided management of electronic mailing [e-mailing]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/01—Social networking
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2101—Auditing as a secondary aspect
Definitions
- the invention relates to a method for auditing the state of knowledge, skills and prudence of employees and motivating them under the "security awareness" programme using security audit.
- a method is known for running social engineering tests automatically using the SAVA system, which, however, is burdened with the following difficulties: How to send phishing e-mails so as to prevent the security system of the corporate e-mail server (including anti-spam) from blocking such e-mails? How to send phishing SMS? How to build websites so that they are trustworthy (e.g. available by their DNS name and not the IP address)?
- Another difficulty which needs to be tackled is the evaluation of the social engineering test, i.e. a reliable determination whether the employee received a positive or negative result of the audit.
- the essence of the invention consists in creating algorithms for automated auditing of employees where a virtual mentor based on model incentive programmes creates individual incentive programmes for employees and management staff, then based on the awai-eness building matrix and the education requirements matrix establishes a list including a report on attacks against the computer and makes changes in the matrix.
- the security audit under the "security awareness" programme requires preparation of appropriate tools and scenarios for social engineering tests. Each person undergoing a security test will have the opportunity to check their resistance to social engineering tricks. Analysis of proceeding particularly in the cases involving a negative result is the basis to bring to special attention specific techniques that the client fell victim to.
- the rules for automated generation of guidelines to motivate employees under the "security awareness” programme based on the results of the audit of the employees have been resolved so that the range includes guidelines various groups of employees, i.e.: all employees, managers and IT staff responsible for the maintenance of technical security against threats targeted against users.
- SAVA e-learning platform will present in an interactive for simulation tasks to perform. This will be implemented after the employees become familiar with the knowledge on the risks that they may encounter when using IT services.
- Fig. 1 shows a flowchart of auditing employee security
- Fig. 2 shows the functions of motivation development
- Fig. 3 shows the functions of awareness building
- Fig. 4 shows the algorithm for the security audit with the matrix.
- Fig. 1 shows components of the SAVA system essential for auditing employee security and generating guidelines to motivate employees under the "security awareness" programme based on the results of the employee audit:
- Example of a table of individual employee training programme Example of a table of individual employee training programme.
- the awareness building function F 3 based on the audit modifies the education requirements matrix 5 accordingly and thereby orders repeated training in the "security awareness" issue, to which the negatively completed security audit of the employee related.
- Fig. 1 shows elements of the SAVA system essential for generating guidelines to motivate employees under the "security awareness” programme based on the results of the employee audit, e.g.: F BS - awareness building function 3, F RM - motivation development function 8 and Employee Notification Module 7.
- Fig. 2 The principle of creating guidelines to motivate employees in the SAVA system is shown in Fig. 2.
- incentive programmes will be available for employees and management staff, including the ⁇ Disciplining" programme, where the employee's superior should have an educational talk with the employee in a situation when employee's behaviour threatens the security of the organisation (e.g. the employee received a negative result of a retaken security audit).
- the "Virtual Mentor” 6 sends information to employees' superiors and directly to employees upon occurrence of various events (e.g. poor audit results).
- Below algorithms have been included for the motivation development function F RM 8 essential for the interaction of the "Virtual Mentor” 6 with employees' superiors in the scope of sending guidelines to motivate employees.
- the "Virtual Mentor” 6 sends guidelines to the employee's superior in the following situation, when employees received low scores of the E-mail Phishing and SMS Phishing mature behaviour index. Employee's superior should have an educational talk with the employee. Such employee behaviour threatens the security of the organisation.
- the SAVA system will send recommendations relating to employee groups as follows: Every 5 days, the "Virtual Mentor” 6, based on the formulaTable of individual employee auditing" (see below) will establish a list of employees of particular organisational units, who for the last 5 days received a negative result of the retaken security audit. The "Virtual Mentor” 6 will send to each superior a list of e-mail addresses of his/her employees, specified in section 1 including a recommendation to have a serious educational talk.
- the "Virtual Mentor” 6 will send as guidelines information on the consequences of security breaches that may be produced due to a negative employee behaviour, i.e.: consequences for the employee, such as financial losses, identity theft, loss of confidence of the superior and colleagues, or even disciplinary proceedings as well as the consequences for the company, such as loss of funds, long-term financial losses or bankruptcy, short-term financial losses due to the disrupted availability of key IT services, penalties for breach of confidentiality agreements, legal requirements and other regulations, reduced profits due to the loss of good image, reputation and confidence of customers and partners (some customers leaving to the competition), reduced profits due to restricted business activity or reduced profits due to valuable employees leaving the company.
- consequences for the employee such as financial losses, identity theft, loss of confidence of the superior and colleagues, or even disciplinary proceedings as well as the consequences for the company, such as loss of funds, long-term financial losses or bankruptcy, short-term financial losses due to the disrupted availability of key IT services, penalties for breach of confidentiality agreements, legal requirements and other regulations, reduced profits due to the loss of good image, reputation and confidence
- the SAVA system of the invention will send recommendations relating to employee groups as follows: Every 20 days, the "Virtual Mentor” 6, based on the spiritTable of performance metrics of the "security awareness "programme”vA ⁇ analyse mature behaviour indices from the last 20 days and detect the following situations:
- the "Virtual Mentor” 6 When sending guidelines to motivate employees, the "Virtual Mentor” 6 should pay attention to who will be the object of motivation. As regards IT security, usually different arguments get to management staff compared to regular company employees. The "Virtual Mentor” 6, based on model incentive programmes, will create individual incentive programmes. Below are incentive programmes for employees and management staff essential for the Security Audit Module 2.
- the SAVA system will send recommendations relating to employee groups as follows: every 5 days, the "Virtual Mentor" 6, based on the spiritAwareness building matrix” will establish a list of employees of particular organisational units, for whom the value of the field "Report on attacks against the user's computer” is 1.
- the "Virtual Mentor” 6 will send to each superior a list of e-mail addresses of his/her employees, specified in section 1, along with guidelines to provide them with recommendations on cautious behaviour when facing intensified criminal activity.
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- Human Resources & Organizations (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- Entrepreneurship & Innovation (AREA)
- Computer Security & Cryptography (AREA)
- Tourism & Hospitality (AREA)
- Economics (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Marketing (AREA)
- Primary Health Care (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- General Engineering & Computer Science (AREA)
- Data Mining & Analysis (AREA)
- Computing Systems (AREA)
- Operations Research (AREA)
- Quality & Reliability (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
A method for auditing the state of knowledge, skills and prudence of employees and motivating them under the "security awareness" programme is characterised in that algorithms are created for automatically auditing employees under the "security awareness" adaptation programme (1), where a virtual mentor (6) based on model incentive programmes of a security audit (2) creates individual incentive programmes for employees and management staff. Then the virtual mentor (6) based on the awareness building matrix (4) and education requirements matrix (5) establishes a list including a report on attacks on the computer and makes changes in the matrix. Then the virtual mentor (6) develops a motivation development function (8) and transmits through a employee (7) notification module.
Description
A method for auditing the state of knowledge, skills
and prudence and for motivating employees
The invention relates to a method for auditing the state of knowledge, skills and prudence of employees and motivating them under the "security awareness" programme using security audit. A method is known for running social engineering tests automatically using the SAVA system, which, however, is burdened with the following difficulties: How to send phishing e-mails so as to prevent the security system of the corporate e-mail server (including anti-spam) from blocking such e-mails? How to send phishing SMS? How to build websites so that they are trustworthy (e.g. available by their DNS name and not the IP address)? Another difficulty which needs to be tackled is the evaluation of the social engineering test, i.e. a reliable determination whether the employee received a positive or negative result of the audit. Automated evaluation of the results of social engineering tests in the SAVA system at the stage of implementation of the application encounters the following difficulties: How to assess whether the tested employee entered a website? How to assess whether the tested employee opened a document? How to assess whether the tested employee shared sensitive data? Social engineering tests under the "security awareness" programme are designed to check whether the knowledge transferred to employees during training is applied by them in practice and whether the obligations of data protection are taken seriously by them. Also, the training is designed to transfer the knowledge on how to recognise social engineering attacks and develop procedures for the employees to follow in such cases. An equally important task is to make the employee understand the importance of the data in their possession. The employee security audit should be carried out using the same methods as those used by criminals, albeit maintaining ethical principles (the so-called Ethical Hacking). The essence of the invention consists in creating algorithms for automated auditing of employees where a virtual mentor based on model incentive programmes creates individual incentive programmes for employees and management staff, then based on the awai-eness building matrix and the education requirements matrix establishes a list including a report on attacks against the computer and makes changes in the matrix.
The security audit under the "security awareness" programme requires preparation of appropriate tools and scenarios for social engineering tests. Each person undergoing a security test will have the opportunity to check their resistance to social engineering tricks. Analysis of proceeding particularly in the cases involving a negative result is the basis to bring to special attention specific techniques that the client fell victim to. The rules for automated generation of guidelines to motivate employees under the "security awareness" programme based on the results of the
audit of the employees have been resolved so that the range includes guidelines various groups of employees, i.e.: all employees, managers and IT staff responsible for the maintenance of technical security against threats targeted against users. SAVA e-learning platform will present in an interactive for simulation tasks to perform. This will be implemented after the employees become familiar with the knowledge on the risks that they may encounter when using IT services.
The object of the invention has been outlined as to its embodiment in the schematic drawings wherein Fig. 1 shows a flowchart of auditing employee security, Fig. 2 shows the functions of motivation development, Fig. 3 shows the functions of awareness building, Fig. 4 shows the algorithm for the security audit with the matrix.
Fig. 1 shows components of the SAVA system essential for auditing employee security and generating guidelines to motivate employees under the "security awareness" programme based on the results of the employee audit:
1- adaptation "security awareness" programme of the employee,
2- security audit module,
3- F(BS) - awareness building function,
4- S(b) - awareness building matrix,
5- K(b) - education requirements matrix,
6- Virtual Mentor,
7- employee notification module,
8- F(RM) - motivation development function
Based on the functions available and elements of the SAVA computer system, algorithms have been developed for automated employee auditing under the "security awareness" programme. The SAVA system keeps in the database data relevant for the security audit module 2.
Example of a table of individual employee training programme.
Repeated training and retaken social engineering tests will be carried out in the SAVA computer system for the employees who have achieved poor results of the security audit. The awareness building function F 3 based on the audit modifies the education requirements matrix 5 accordingly and thereby orders repeated training in the "security awareness" issue, to which the negatively completed security audit of the employee related.
"Virtual Mentor" 6 for employees who have received a negative result of the retaken security audit sends notifications 7 to their superiors with the recommendation to motivate employees to change inappropriate behaviour. In the event of a positive result, it adjusts the education requirements matrix 5 accordingly.
Automated generation of guidelines to motivate employees under the "security awareness" programme (in relation to employee auditing) is based on methods developed for the interaction of the "Virtual Mentor" module 6 with the superiors of the employees to provide guidelines to motivate employees. Fig. 1 shows elements of the SAVA system essential for generating guidelines to motivate employees under the "security awareness" programme based on the results of the employee audit, e.g.: FBS - awareness building function 3, FRM - motivation development function 8 and Employee Notification Module 7.
Interaction of the"Virtual Mentor" 6 with employees' superiors will be carried out mainly using the awareness building function FBS 3 and the motivation development function FRM 8. As regards employee auditing, the following situations where the "Virtual Mentor" 6 sends notifications 7 to employees' superiors and directly to employees:
- The employee received a negative result of a retaken security audit 2 (i.e. demonstrated a negative behaviour during the security audit 2 and the retaken audit). Employee's superior should have an educational talk with the employee. Such employee behaviour threatens the security of the organisation. The "Virtual Mentor" 6 sends notifications 7 to employees' superiors.
- Employees received low scores of the E-mail Phishing and SMS Phishing mature behaviour index. Disparaging employee approach to prudent behaviour threatens the security of the organisation. The "Virtual Mentor" 6 orders to retake specific training lessons and sends notifications 7 directly to employees.
The principle of creating guidelines to motivate employees in the SAVA system is shown in Fig. 2. As regards the employee auditing in the SAVA system, incentive programmes will be available for employees and management staff, including the ^Disciplining" programme, where the employee's superior should have an educational talk with the employee in a situation when employee's behaviour threatens the security of the organisation (e.g. the employee received a negative result of a retaken security audit).
Motivating in the SAVA computer system is dynamic in nature, as described in Fig. 3. The "Virtual Mentor" 6 sends information to employees' superiors and directly to employees upon occurrence of various events (e.g. poor audit results). Below algorithms have been included for the motivation development function FRM 8 essential for the interaction of the "Virtual Mentor" 6 with employees' superiors in the scope of sending guidelines to motivate employees. The "Virtual Mentor" 6 sends guidelines to the employee's superior in the following situation, when employees received low scores of the E-mail Phishing and SMS Phishing mature behaviour index. Employee's superior should have an educational talk with the employee. Such employee behaviour threatens the security of the organisation.
System of performance metrics of the "security awareness" programme essential for security audit module 2
The SAVA system will send recommendations relating to employee groups as follows: Every 5 days, the "Virtual Mentor" 6, based on the„Table of individual employee auditing" (see below) will establish a list of employees of particular organisational units, who for the last 5 days received a negative result of the retaken security audit. The "Virtual Mentor" 6 will send to each superior a list of e-mail addresses of his/her employees, specified in section 1 including a recommendation to have a serious educational talk.
The "Virtual Mentor" 6 will send as guidelines information on the consequences of security breaches that may be produced due to a negative employee behaviour, i.e.: consequences for the employee, such as financial losses, identity theft, loss of confidence of the superior and colleagues, or even disciplinary proceedings as well as the consequences for the company, such as loss of funds, long-term financial losses or bankruptcy, short-term financial losses due to the disrupted availability of key IT services, penalties for breach of confidentiality agreements, legal requirements and other regulations, reduced profits due to the loss of good image, reputation and confidence of customers and partners (some customers leaving to the competition), reduced profits due to restricted business activity or reduced profits due to valuable employees leaving the company.
The SAVA system of the invention will send recommendations relating to employee groups as follows: Every 20 days, the "Virtual Mentor" 6, based on the„Table of performance metrics of
the "security awareness "programme"vA\\ analyse mature behaviour indices from the last 20 days and detect the following situations:
• „E-mail Phishing" index below 80%
• „SMS Phishing" index below 80%
Upon detection in section 1 of indices of mature behaviour of low value, the "Virtual Mentor" 6 will send warnings and guidelines to employees in relation to changing their behaviour as regards security. Additionally, in the form of collective reports, employees' superiors should find out who was guilty of security negligence and have educational talks with them. It is mandatory if employees receive a negative results of the retaken security audit (information given in the „Table of individual employee auditing').
Two indices of mature behaviour, E-mail Phishing and SMS Phishing, will be automatically calculated in their entirety using the tools of the S AVA system.
When sending guidelines to motivate employees, the "Virtual Mentor" 6 should pay attention to who will be the object of motivation. As regards IT security, usually different arguments get to management staff compared to regular company employees. The "Virtual Mentor" 6, based on model incentive programmes, will create individual incentive programmes. Below are incentive programmes for employees and management staff essential for the Security Audit Module 2.
Employees who received negative results of a security audit should be motivated to modify their behaviour, and in the long-term to consolidate proper attitudes (e.g. understanding the need to care about security). Periodically (e.g. once a month), the "Virtual Mentor" will send a request to the competent responsible person from the IT department or security department to draw up a report on the operation of security technology of the information and communication system (including next- generation firewall, IPS, anti-virus, URL Filtering, DLP) on attacks targeted against users.
Awareness building function FBS 3 for the employees who have received a negative result of the security audit 2 in the„Awareness building matrix" 4, the field„Report on attacks against the user's computer" will set to value of 1. The SAVA system will send recommendations relating to employee groups as follows: every 5 days, the "Virtual Mentor" 6, based on the„Awareness building matrix" will establish a list of employees of particular organisational units, for whom the value of the field "Report on attacks against the user's computer" is 1.
The "Virtual Mentor" 6 will send to each superior a list of e-mail addresses of his/her employees, specified in section 1, along with guidelines to provide them with recommendations on cautious behaviour when facing intensified criminal activity.
The algorithm for the function FBS 3 in the scope of transfer of reports on attacks against users' computers
Claims
1. A method for auditing the state of knowledge, skills and prudence of employees and motivating them under the "security awareness" programme characterised in that algorithms are created for automatically auditing employees under the "security awareness" adaptation programme (1), where a virtual mentor (6) based on model incentive programmes of a security audit (2) creates individual incentive programmes for employees and management staff.
2. A method according to claim 1, characterised in that the virtual mentor (6) based on the awareness building matrix (4) and education requirements matrix (5) establishes a list including a report on attacks on the computer and makes changes in the matrix.
3. A method according to claim 1, characterised in that the virtual mentor (6) develops a motivation development function (8) and transmits through a notification module to an employee (7).
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GBGB1717186.9A GB201717186D0 (en) | 2016-10-26 | 2016-10-26 | No title |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PLP.419041 | 2016-10-10 | ||
PL419041A PL419041A1 (en) | 2016-10-10 | 2016-10-10 | Method for auditing the state of knowledge, skills and caution and motivating of employees |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2018070887A1 true WO2018070887A1 (en) | 2018-04-19 |
Family
ID=57543121
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/PL2016/000118 WO2018070887A1 (en) | 2016-10-10 | 2016-10-26 | A method for auditing the state of knowledge, skills and prudence and for motivating employees |
Country Status (2)
Country | Link |
---|---|
PL (1) | PL419041A1 (en) |
WO (1) | WO2018070887A1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109861977A (en) * | 2018-12-28 | 2019-06-07 | 北京红山瑞达科技有限公司 | A kind of method that promotion personnel awareness of network security is promoted |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8484741B1 (en) * | 2012-01-27 | 2013-07-09 | Chapman Technology Group, Inc. | Software service to facilitate organizational testing of employees to determine their potential susceptibility to phishing scams |
US20140199663A1 (en) * | 2011-04-08 | 2014-07-17 | Wombat Security Technologies, Inc. | Method and system for controlling context-aware cybersecurity training |
US8793799B2 (en) * | 2010-11-16 | 2014-07-29 | Booz, Allen & Hamilton | Systems and methods for identifying and mitigating information security risks |
US20150287336A1 (en) * | 2014-04-04 | 2015-10-08 | Bank Of America Corporation | Automated phishing-email training |
-
2016
- 2016-10-10 PL PL419041A patent/PL419041A1/en unknown
- 2016-10-26 WO PCT/PL2016/000118 patent/WO2018070887A1/en active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8793799B2 (en) * | 2010-11-16 | 2014-07-29 | Booz, Allen & Hamilton | Systems and methods for identifying and mitigating information security risks |
US20140199663A1 (en) * | 2011-04-08 | 2014-07-17 | Wombat Security Technologies, Inc. | Method and system for controlling context-aware cybersecurity training |
US8484741B1 (en) * | 2012-01-27 | 2013-07-09 | Chapman Technology Group, Inc. | Software service to facilitate organizational testing of employees to determine their potential susceptibility to phishing scams |
US20150287336A1 (en) * | 2014-04-04 | 2015-10-08 | Bank Of America Corporation | Automated phishing-email training |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109861977A (en) * | 2018-12-28 | 2019-06-07 | 北京红山瑞达科技有限公司 | A kind of method that promotion personnel awareness of network security is promoted |
CN109861977B (en) * | 2018-12-28 | 2021-04-30 | 北京红山瑞达科技有限公司 | Method for promoting personnel network security awareness to be improved |
Also Published As
Publication number | Publication date |
---|---|
PL419041A1 (en) | 2018-04-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
AU2017101666A4 (en) | Cyber Security System and Method | |
US9729590B2 (en) | Digital communication and monitoring system and method designed for school communities | |
US20150229664A1 (en) | Assessing security risks of users in a computing network | |
Kouatli | Managing cloud computing environment: Gaining customer trust with security and ethical management | |
Assenza et al. | A review of methods for evaluating security awareness initiatives | |
Pullin | Cybersecurity: positive changes through processes and team culture | |
Choejey et al. | Cybersecurity practices for e-Government: an assessment in Bhutan | |
Oettinger | Learn Computer Forensics: A beginner's guide to searching, analyzing, and securing digital evidence | |
Proctor | Investigating the efficacy of cybersecurity awareness training programs | |
Shukla et al. | A comparative study of cyber security awareness, competence and behavior | |
WO2018070887A1 (en) | A method for auditing the state of knowledge, skills and prudence and for motivating employees | |
Mittal | An Empirical Study on Cybersecurity Awareness, Cybersecurity Concern, and Vulnerability to Cyber-attacks | |
Rjaibi et al. | Mean failure cost as a measurable value and evidence of cybersecurity: E-learning case study | |
Price | Reducing the risk of a data breach using effective compliance programs | |
Poepjes | The development and evaluation of an information security awareness capability model: linking ISO/IEC 27002 controls with awareness importance, capability and risk | |
WO2014185981A2 (en) | Digital communication and monitoring system and method designed for school communities | |
Sumner et al. | Preliminary Analysis of Privacy Implications Observed in Social-Media Posts Across Shopping Platforms | |
North et al. | Information Security and Ethics Awareness: A Concise Comparative Investigation. | |
Yang | Literature review of information security practice survey reports | |
Popescu | The Right to Information and Cybersecurity | |
Haythornthwaite et al. | Social Media as Fragile State | |
Crotty et al. | Lessons from practice: insights on cybersecurity strategy for business leaders, from SMEs to global enterprises | |
Calder | The case for ISO27001: 2013 | |
Wijesekera et al. | Awareness of Cybercrimes Among Postgraduate Facebook Users in a State University of Sri Lanka | |
Kouatli | The ten commandments of cloud computing security management |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 1717186.9 Country of ref document: GB |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 16810101 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 16810101 Country of ref document: EP Kind code of ref document: A1 |