Implementing Security Awareness Training Skills Challenge - NOV 3

The seminar involved organising a cyber security awareness training program for company employees. The goal was to create a training program by analysing the company's current security practices, formulating a phishing campaign, and explaining security principles such as password managers, privilege levels etc. 

The scenario was, summarily- a security analyst at a big company has to organise robust security awareness training after facing a lot of malicious phishing campaigns. Four links were provided for resources that had really good articles that dealt with ransomware emails, phishing campaigns in the real world, covert attacks on military websites, and most importantly, introduced me to SebDB, a cyber security behaviour database. I bookmarked that one.

This seminar was a challenge so people were introduced to the scenario and were given about 20 minutes to jot down a list or make a quick presentation skeleton that would outline how they would go about creating this training program. Meanwhile the hosts talked about their experiences with working on security awareness programs with companies. I didn't participate because it was my first time and I wanted to just sit back and learn how the interaction went, but people came up with really good points and had really good presentations. I liked the idea of having a semi regular newsletter for companies that focus on security awareness and informs people on the new breakthroughs in the industry or how recent phishing campaigns are being led. 

All in all, really cool session. Would have loved to participate too, but hey, next time.