Awareness & Training

Awareness & Training
With a limited IT/IT Security budget, should an organization make investments in the area of Security Awareness Training or Zero Trust?

Top Answer: Technology can still not compensate for the negligence and naivety of humans. The weakest link in the chain is still employees, so it's always better to invest in training/awareness than fancy technology if you don't have the basics. There is no single product that is Zero Trust. It's a concept and can be achieved by combining various technologies. If someone is selling you a Zero Trust product ... run away. With limited budgets starting from the low-hanging fruits and education, employees are the obvious choice.

What's the best piece of advice a tech leader can give when identifying software testing resources for their team?

Top Answer: Look for someone that is structured, detail orientated and thorough. Good testing takes a lot of planning, attention to detail to explore every permutation, but also needs someone to think outside the box to try to do the unexpected. For example, checking what happens if someone closes the program half way through a transaction.

Related Tags
Does your security awareness training address files shared over communications platforms like Microsoft Teams?

Top Answer: You need to pass the training with a test before your Teams account is activated We also have this requirement for SAP access to reduce both help desk calls and teach the security of information