In this blog I will outline this guidance as it applies to Information security training and awareness programs.
Read more 👉 https://lttr.ai/AavUT
#SocialEngineeringAttack
Section 14 of the Center for Internet Security Critical Security Controls (CIS CSC) V8 covers security awareness and skills training.
Read more 👉 https://lttr.ai/AYVcz
7: Training personnel on how to identify and report if their equipment is missing security updates.
Read more 👉 https://lttr.ai/AVTSK
6: Training personnel to recognize and properly report potential security incidents.
Read more 👉 https://lttr.ai/ATJps
5: Training personnel about the causes of unintentional data exposure such as losing or improperly securing portable end user devices or publishing data to unintended audiences.
Read more 👉 https://lttr.ai/AShhz
8: Training personnel on the dangers of connecting to and transmitting enterprise data over insecure networks.
Read more 👉 https://lttr.ai/ASWkl
Safeguard 14.1 mandates that the organization establish and maintain a security awareness program that educates personnel on how to interact with enterprise assets and data in a secure manner.
Read more 👉 https://lttr.ai/ASJGG
Is Your Organization Following CIS and SOC2 Best Practices for Infosec Training?
â–¸ https://lttr.ai/ASBSS
Client Info
Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst