Jeannette Jarvis Microsoft
download slides (PDF)
Protecting an enterprise from computer malware requires a multi-tiered security product and process approach. This defence in depth strategy is a good policy to provide for a robust and secure environment. However, one countermeasure that is often overlooked is end-user education. The end-user is the last line of defence for any threat. Are they going to do the right thing? Do they know what to do? Can they be effective?
As our environment becomes more virtual and the end-user is mobile most of the time, where they aren't protected from the strong perimeter protection your enterprise may provide, it is imperative that they know the part they play in keeping malware threats at bay and that they make the correct choices.
I will outline a comprehensive user education strategy that will provide your users with an awareness of the threats and tactics being utilized; learn how to recognize attacks and the gimmicks being used; question any request or anomaly to normal operations; and then react accordingly.
With the right awareness programs, end-users (whether corporate, small business, or students) can become trained and effective cyber border guards.