Explaining best practice security to the team

Explaining best practice security to the team

How are you communicating best security practices with your team now and what has changed?

"The thing we try not to do is to barrage people with information.“

Ben Aung, global CISO at Sage, talks to Sooraj Shah about the importance of a highly usable knowledge base for cyber security best practice.

Ben Aung was a speaker at the very popular R3 cyber security conference, which ran from 15 to 24 September 2020. If you missed it, then it’s not too late: you can still watch on demand.

Video transcript:

How are you and your team communicating security best practises to colleagues now? What's changed?

So we've used all the usual kind of mechanisms. So we've had internet articles, we've sent emails. We've engaged directly via management chains and business units. I think the thing that we've done, or we try not to do, is barrage people with too much information. So where we can avoid it, we've not created completely separate channels for security information. We've tried to use existing channels that were designed to support colleagues as they transition to working from home, and then working from home during lockdown. And then use those channels, those same channels, to emphasise and reiterate some of the security best practises. And they make it very, very easy to find what the origin is. So if anyone's looking for an answer in terms of what they should be doing in a certain situation, then it's very, very quick to find, very intuitive, and simple for everybody.

Copyright Lyonsdown Limited 2021

Top Articles

Clubhouse data leak: Data of 1.3m users dumped on a hacker forum

An SQL database containing records of 1.3 million Clubhouse users has been leaked for free on a popular hacker forum.

Iran terms Israeli cyber attack on nuke facility as "nuclear terrorism"

A rumoured cyber attack carried out by Mossad, Israel's official spy agency, destroyed legacy IR-1 centrifuges at Iran's underground nuclear facility located in Natanz.

The Hunt for Red Insider

The analogy to The Hunt For Red October is not far removed from the common reality of cybersecurity.

Related Articles