Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Mastering security awareness in the digital era

Issue 6 2023 Security Services & Risk Management, Training & Education

By Simeon Tassev, MD & QSA at Galix Networking


Simeon Tassev.

Cybersecurity threats are becoming increasingly sophisticated and targeted in today's digital landscape. While organisations invest in advanced anti-malware and threat detection software, they often overlook a critical variable in their security posture: people.

Human error and lack of security awareness remain the number one security threat. Companies must consider the importance of managing employee cyber risk and the significance of training and awareness programmes. Furthermore, organisations need to be cognisant of the ever-evolving nature of human-targeted attacks, the impact of human error on security, best practices for staying security savvy, the components of a strong human risk management programme, and the steps to building a security-first culture.

The evolution of human-targeted attacks

Human-targeted attacks are expected to evolve not only in terms of execution but also in their level of specificity and believability. Threat actors are employing targeted approaches to infiltrate organisations and extract sensitive information. Previously, attacks were generic and employed basic templates. However, today's attackers are increasingly sophisticated, using personalised techniques such as company email attacks. Attackers will continue refining their methods to obtain critical information, thus demanding heightened vigilance from organisations.

Human error poses a significant security risk to organisations, possibly undermining even the most robust security strategies and systems. It is, therefore, crucial to identify critical areas within an organisation and assess the potential risk of human error in those areas. For example, a seemingly minor mistake, such as a call centre agent providing extra information to a caller, can inadvertently aid a perpetrator in launching a company email attack.

Understanding the dynamics of the threat landscape and the potential risks involved allows businesses to prioritise critical areas and implement appropriate training and security measures.

Best practices for employees to stay security savvy

Building a culture of security awareness is crucial for keeping staff security savvy. This can be achieved through various campaigns, tools, and techniques. Regular communication about cyber threats, reminders, screensavers, and posters can help raise awareness and make security second nature. It is essential to continuously educate employees about new techniques and potential threats to ensure they remain up-to-date and vigilant.

Furthermore, a robust human risk management programme combines various tools, policies, procedures, and controls to heighten security measures. While no method is full-proof against human error, it is crucial to understand and prioritise the imminent risks at hand. Risk management allows organisations to identify acceptable risks and focus on mitigating unacceptable risks. Training platforms and risk profiling can help tailor training, additional controls, and policies to specific areas of the business, and success in human risk management requires ongoing assessment and adjustment, acknowledging that unexpected threats can emerge.

Building a security-first culture

Building a security-first culture starts with top-down leadership. Management must understand the importance of security and ensure the implementation and enforcement of relevant policies and procedures. Enforcement helps prevent security breaches and fosters a culture where employees understand the reasoning behind security measures. Scenario-based learning, where employees are exposed to various cyber threat situations, can help them comprehend the relevance of security strategies in their specific roles and environments. In an effort to stay ahead of evolving threats, organisations must maintain a proactive approach to cybersecurity.

In the ever-evolving cyber landscape, organisations must recognise that people play a crucial role in security. Human-targeted attacks continue to evolve, demanding greater vigilance and targeted training efforts. Human error remains the number one security threat, emphasising the need for robust risk management programs and comprehensive security training. Building a security-first culture requires top-down leadership, effective communication, and ongoing education to proactively empower employees to identify and mitigate security risks.




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

“This Is Theft!” SASA slams Mafoko Security
News & Events Security Services & Risk Management Associations
The Security Association of South Africa (SASA) has issued a stark warning that the long-running Mafoko Security Patrols scandal is no longer an isolated case of employer misconduct, but evidence of a systemic failure in South Africa’s regulatory and governance structures.

Read more...
Making a mesh for security
Information Security Security Services & Risk Management
Credential-based attacks have reached epidemic levels. For African CISOs in particular, the message is clear: identity is now the perimeter, and defences must reflect that reality with coherence and context.

Read more...
Privacy by design or by accident
Security Services & Risk Management Infrastructure
Africa’s data future depends on getting it right at the start. If privacy controls do not withstand real-world conditions, such as unstable power, fragile last-mile connectivity, shared devices, and decentralised branch environments, then privacy exists only on paper.

Read more...
From friction to trust
Information Security Security Services & Risk Management Financial (Industry)
Historically, fraud prevention has been viewed as a trade-off between robust security and a seamless customer journey, with security often prevailing. However, this can impair business functionality or complicate the customer journey with multiple logins and authentication steps.

Read more...
Security ready to move out of the basement
AI & Data Analytics Security Services & Risk Management
Panaseer believes that in 2026, a board member at a major corporation will lose their job amid rising breaches and legal scrutiny, as organisations recognise that cyber risk is a business risk that CISOs cannot shoulder alone.

Read more...
Cyber remains top business risk, but AI fastest riser at #2
News & Events Security Services & Risk Management
The Allianz Risk Barometer 2026 ranks cybersecurity, especially ransomware attacks, as the #1 risk, while AI is the biggest riser and jumps from #10 to #2, highlighting the emerging risks for companies in almost all industry sectors.

Read more...
OT calculator to align cyber investments with business goals
Industrial (Industry) Information Security Security Services & Risk Management
The OT Calculator has been developed specifically for industrial organisations to assess the potential costs of insufficient operational technology (OT) security. By offering detailed financial forecasts, the calculator empowers senior management to make well-informed decisions.

Read more...
From digital transformation to digital sovereignty
Security Services & Risk Management IoT & Automation
As cyberthreats grow, data regulations tighten, and AI becomes central to economic competitiveness, countries are recognising the need to control and protect their own digital assets.

Read more...
The age of Lean 4.0: Orchestrating intelligence and efficiency
Security Services & Risk Management
The convergence of Lean principles and AI (what we now call Lean 4.0) is no longer a theoretical exercise; it is the defining operational paradigm for survival and growth in a complex, data-intensive economy.

Read more...
Risks of open-source intelligence escalating in crime
Security Services & Risk Management Residential Estate (Industry) Smart Home Automation
CMS estimates that open-source intelligence has played a role in 20 - 30% of robberies over the past 12 months. In cybercrime, global research consistently shows that many offences rely on some form of open-source data exploitation.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.