Circle 01
Circle 02
Circle 03

Join our mailing list

Subscribe to the TSC newsletter to receive exclusive news and advice
  • 22 May 2023
  • 4 min read

What should I include in cyber security induction training?

The 5 essential topics that should be included in cyber security induction training: phishing, data handling, passwords, clear desk and screen, and also how to report security incidents
TSC FAQ What should I include in cyber security induction training

With the increasing frequency and sophistication of cyber attacks, it is crucial for every employee to be well-versed in the fundamentals of cyber security.

Important statistics on cyber security induction training


One effective way to ensure this is through a comprehensive cyber security induction training program like TSC’s 5 Golden Rules. Induction training not only equips employees with the knowledge and skills to protect sensitive information but also cultivates a culture of security consciousness by initially putting a strong foot forward.

In this article, we will explore 5 essential topics that should be included in any cyber security induction training: phishing, safe data handling, password management, the importance of a clear desk and screen, and the ability to recognise and report security incidents.

1: Phishing

Phishing attacks continue to be one of the most prevalent and successful methods employed by cyber criminals. It is crucial to educate employees about the various forms of phishing, including email, phone calls, and text messages. The training should emphasise the importance of being cautious when clicking on links or downloading attachments from unknown or suspicious sources. By teaching employees to identify common phishing indicators such as misspelled URLs, generic greetings, and urgent requests for personal information, they can become the first line of defence against phishing attacks. Engaging and fresh phishing awareness materials will help build that fortification.

2: Safe data handling

Sensitive information, whether it is customer data or proprietary company information, must be handled with utmost care. Induction training should educate employees on the importance of data classification and the significance of protecting sensitive data. This includes understanding data privacy regulations, securely storing data, and securely sending data both internally and externally. Employees should also be trained on secure data disposal methods to ensure that sensitive information is properly destroyed when no longer needed. You should also consider how data management and handling differs depending on the role and position of the employee when putting your training program together.

3. Password management

Passwords serve as a crucial barrier against unauthorised access to sensitive systems and accounts. However, weak passwords or poor password management practices can render these barriers ineffective. Induction training should emphasise the importance of creating strong, unique passwords and avoiding common mistakes such as using personal information or easily guessable patterns. Employees should also be educated on the necessity of regularly updating passwords and utilising password management tools to securely store and generate complex passwords. As password security can be hard to engage employees in, consider using gamified materials like TSC’s Password Panther to liven up an otherwise common learning subject.

4: Importance of a clear desk and screen

Physical security is an often-overlooked aspect of cyber security. Induction training should stress the significance of maintaining a clear desk and screen policy. Employees should be trained to lock their computers when not in use and to never leave sensitive information visible to unauthorised individuals. This includes ensuring that documents are safely stored and not left unattended in communal areas. By fostering a culture of tidiness and awareness, organisations can mitigate the risk of physical breaches and unauthorised access.

5: Ability to see something and report it

Employees should be empowered to act as vigilant observers of potential security incidents. Induction training should teach employees to recognise and report any suspicious activities, such as unauthorised individuals in restricted areas, unusual network behaviour, or suspicious emails. By encouraging a proactive approach to reporting, organisations can quickly respond to security incidents and prevent potential breaches or attacks.

In conclusion

In conclusion, cyber security induction training plays a vital role in equipping employees with the knowledge and skills needed to protect sensitive information and defend against cyber threats. By including topics such as phishing, safe data handling, password management, the importance of a clear desk and screen, and the ability to recognise and report security incidents, organisations can create a sturdy foundation of cyber security awareness. With well-trained employees, organisations can effectively mitigate risks, strengthen their security posture, and safeguard critical assets from cyber attacks.

If you would like more informationabout how The Security Company can help you set up security induction training or how we deliver engaging and effective cyber security awareness materials for organisations of all sizes ... please contact our Head of Business Development and Sales,  Jenny Mandley.

The Security Company's vast library of customised and non-customised products and services are tailored for small, medium and large organisations and are available in a variety of languages. We also offer bespoke solutions for organisations that desire training and awareness materials built from the ground up.

Nas
Written by
Nas Ali
Cyber security and awareness content creator focused on emerging threats and the next wave of cyber security risks like AI, deepfakes and tech 4.0 initiatives in order to build towards a more secure organisational culture.
View Profile

See how we can help you protect your organisation today?

Circle 01
Circle 02
Circle 03

Join our mailing list

Subscribe to the TSC newsletter to receive exclusive news and advice