February 2024
Intermediate to advanced
448 pages
9h 22m
English
Content preview from Fighting Phishing
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
CHAPTER 6Creating a Corporate SAT Policy
Chapter 6 will detail how to create a corporate security awareness training (SAT) policy and finish with an example document. If you don't have to create corporate SAT policies, you might consider skipping this chapter. However, it contains concepts and ideas to consider even if you don't need a formal policy. Most people involved in SAT programs will benefit from reading this chapter.
Much of this information was previously included in a KnowBe4 whitepaper written by the author:
www.knowbe4.com/typ-wp-example-sat-policy-guide.
Getting Started with Your SAT Policy
Fighting any cybersecurity threat means crafting a detailed, layered, defense-in-depth set of mitigations, including policies, technical defenses, and training. So far, despite more than three decades of the best technical defenses, social engineering and phishing attacks continue to get to end users. End users must be taught how to recognize social engineering and phishing threats and how to treat and appropriately report them. Accordingly, security awareness training (SAT) is among the most high-value mitigations any organization can perform to significantly reduce cybersecurity risk.
All security mitigations should have policies directing their application and use. All SAT programs should begin with or be driven by an SAT policy document. The beginning of this chapter covers the various components that should be covered by any SAT policy. The chapter finishes with a ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.