WWW.ILTANET.ORG 67
David R.: That's the tough question. The goal is to
have every user aware of security every day, every time
they're using technology. Part of that is training, but
beyond that, have reminders, something that will keep
people interested. Quick, regular reminders help with
that and with making people understand that protecting
the firm's data is part of their job.
Butch: Keep staff in the loop with actual day-to-day and
current events that show them the potential exposure,
and execute training on a recurring basis. Do simple
things like phishing tests to see if users click the link.
Use this as an opportunity to educate anyone who falls
for your phishing attempt. It's better for users to click
something you've sent as a test than for them to click on
an actual phishing scam.
Jon: Repetition, repetition, repetition, and be creative.
Having people take security awareness training once a
year isn't enough; you've got to find creative ways to get
security in front of users all the time, and illustrate the
consequences. Create videos, posters, tip sheets, email
announcements — anything you can to keep awareness
up. There are also some security and privacy training
programs that can be applied as continued learning
education (CLE) credit. If you can make your security
training count toward CLE credits, you'll have another
powerful motivator, especially for your attorneys.
Peter: I get in front of lawyers at every opportunity. If
I can spend just five minutes going through my Twitter
feed with the lawyer, I will make them aware of the bad
things happening out there. But how do I make a lawyer
or an assistant think about security as often as I do? I
need to make it personal. What if I tell them the new
Wi-Fi Barbie they just bought for their daughter has
been hacked already, or that VTeck toys, which recently
announced they lost close to five million records, has
lost pictures of their kids and home addresses? That's
the kind of thing that really makes it personal and makes
people pay attention.
LISTEN TO THE RECORDED
INTERVIEWS ONLINE:
www.iltanet.org/podcasts
Looking for
an alternative?
Create and collate
pdf documents
• • •
Compare documents
natively
• • •
Remove metadata
in microseconds
Discover a world
of difference
www.docscorp.com/alternative
