. https://www.mimecast.com/blog/2019/03/use-your-discretion-cyber-awareness-education-for-employees/
blog article
Employees are usually left to use their discretion with corporate-owned technology on your networks pretty much all the time. As such, a lot of power is in their hands when it comes to what emails to open, what files to download, what portable media to plug in and what sites to visit. There is an assumption that you can always monitor employees with technology. But, you can’t—or don’t – want to always do that. The fact is, that if security controls stand in the way of them doing what they want, they often find a way to bypass those controls. Your organization needs a plan for educating employees on what can happen if they don’t take use their discretion. In the recent Cyber Resilience Think Tank E-book “Employees Behaving Badly? Why Awareness Training Matters,” Gary Hayslip, Chief Information Security Officer at Webroot, said the following regarding how employees are most likely to behave with technology: Gary is completely correct about the CISO point of view on this. You can hope your employees are prepared for the correct ways to handle technology today, but you can’t assume anything. Because it’s impossible to keep tabs on your employees at all times, it’s on you to ensure they’re well-educated on what can happen if they don’t use due care. READ MORE