Q&A: How One Company Gauges Its Employees' Cybersecurity 'Fluency'

Professional services firm TAG.Global now requires that all of its employees complete a cybersecurity fluency assessment test as a way to raise awareness on threats and to reinforce responsibility for information security among its users.
Talhouni recently spoke with Dark Reading about the testing program and TAG.Global's plans to bring it outside the company as well.
Tawfiq Talhouni: It is critical to develop services that fulfill the growing demand for cybersecurity awareness.
Our internal employee testing operations span a wide range of topics, with our latest focus on cybersecurity, with the goal to increase awareness and alertness among employees against potential cyberattacks.
Mastering essential skills serves as the cornerstone for a strong cybersecurity society.
While the importance of software and hardware in cybersecurity cannot be overstated, people play an equally important role in protecting their devices, whether they be mobile phones, tablets, laptops, or PCs. This test carefully assesses important abilities, ensuring a thorough mastery of cybersecurity fundamentals.
Talhouni: The test evaluates employees on a wide range of cybersecurity principles, including phishing awareness, the ability to recognize and avoid phishing attacks including fake websites and emails; device security, understanding how to safeguard personal devices like laptops and mobile phones, such as [using] passwords and two-factor authentication; and social media and online presences, comprehending privacy settings on social media sites, identifying oversharing dangers, and comprehending the repercussions of disclosing private information.
App security, understanding the possible hazards involved with mobile apps including how to detect suspicious apps and manage app permissions, and understanding cybersecurity's larger influence on national security.
Data protection, understanding the necessity of safeguarding personal and official documents; the dangers associated with sharing sensitive information on social media and messaging platforms; and continuous learning, staying current with cybersecurity procedures by routinely updating apps and being informed of emerging risks.
By focusing on these specific areas, the assessment provides a full comprehension of key cybersecurity principles and practical abilities.
Talhouni: Employees who fail the test must retake it.
If they fail the test for the second time, they will be required to sit a cybersecurity course.
The goal is to provide employees with the essential knowledge and skills to increase their cybersecurity awareness and performance.
As TAG.Global extends the test to the public, its primary objective is to cultivate awareness and foster a robust cybersecurity culture within the Middle East region.
By providing individuals with this opportunity to gauge their cyber competencies, TAG.Global also contributes to the overall cybersecurity landscape.
Talhouni: Currently, the test is being used internally at TAG.Global and externally.
Talhouni: The test was first released as a computer application, with a variety of multiple-choice questions offered in various forms.
The test is currently in the process of moving to a Web-based platform for improved accessibility and user convenience in response to the rapidly changing technological landscape.
The test will be continually evolved, incorporating new challenges and being regularly updated to address emerging threats.
This approach ensures that users receive a dynamic and relevant assessment, contributing to a culture of cybersecurity awareness.


This Cyber News was published on www.darkreading.com. Publication date: Wed, 17 Jan 2024 17:55:29 +0000


Cyber News related to Q&A: How One Company Gauges Its Employees' Cybersecurity 'Fluency'