Cybersecurity Awareness Month: Tips to Supercharge Your Security Operations Practice

Explore key insights from the SOC Unlocked podcast on enhancing cybersecurity awareness and training. Learn how offensive tactics, insider threats, AI, and cloud security shape effective defense strategies.
October 22, 2024

October is Cybersecurity Awareness Month, a time when businesses, individuals, and organizations come together to improve their cyber resilience. One of the most crucial areas of focus is security awareness and training—ensuring every employee understands their role in defending against cyber threats (and sneaky anomalies).

In the SOC Unlocked podcast, we explore the latest trends and tactics with cybersecurity experts, sharing practical insights to help organizations boost their security. Here are some key takeaways from the series on how targeted awareness and training programs can strengthen your security posture.

1. Human Error Happens—Stay Vigilant to Prevent Security Breaches

A recent guest on SOC Unlocked was Eric Zielinski, Head of Application Security and Cloud Security Engineering at Options Clearing Corporation. In his episode, Eric highlighted the significant role human error often plays in cybersecurity breaches:

"It's a matter of time before human error just takes over."

Misconfigurations, forgotten processes, and accidental data exposure remain major vulnerabilities. This reinforces the need for continuous training and awareness to mitigate human error.

2. Prioritize Regularly Updated Security Awareness Training

In his episode of the podcast, Anthony Coggins, Director of Information Security at Acrisure, highlighted the critical need for keeping security awareness training regularly updated:

“Security awareness training is important... but how do you attain that meaningful awareness of the human firewall aspect?”

Organizations must create dynamic, engaging, and ongoing training programs that address current threats, such as deepfakes and multi-factor authentication (MFA) bypass attacks. Simply checking the box on training is not enough.

3. Strengthen Defenses with Offensive Cyber Tactics

Dave Kennedy, Founder & Chief Hacking Officer of TrustedSec and Binary Defense, spoke to SOC Unlocked about the critical role that understanding offensive techniques plays in developing robust cybersecurity defenses:

"By understanding the offense, you have a much clearer picture about the best way to defend against the attackers... you can't defend something you don't understand."

Training in offensive tactics, such as penetration testing and red teaming, helps organizations recognize vulnerabilities more effectively. Cybersecurity professionals who understand how attackers operate are better equipped to identify suspicious activities and respond effectively, making this an essential aspect of any awareness program.

4. Use Behavioral Analytics to Detect and Respond to Emerging Threats

Kennedy also addressed the importance of behavioral analytics in identifying potential threats, especially when traditional tools may overlook subtle signs:

“What we will fix is hopefully more simplistic ways of looking at complex data that will allow us to be more refined in responding to threats versus the noise.”

This emphasizes the need for awareness programs that train employees to recognize deviations from normal behavior. Shifting to anomaly detection over signature-based methods is key in modern security, making continuous learning a priority for all staff.

5. Reduce Alert Fatigue by Focusing on Comprehensive Threat Intel

In the premiere episode of SOC Unlocked, Managing Partner of InfoSec Innovations Mick Douglas highlighted the issue of alert fatigue, where overwhelmed security teams struggle with the volume of alerts, which can lead to missed incidents:

“Post-alert enrichment where the SOAR [Security Orchestration, Automation, and Response] will go in, do some additional queries, validate to the extent that it can, and then instead of having just a dumb alert, you have a portfolio of why we think this thing is bad.”

Awareness programs that incorporate automation and contextual enrichment can improve security operations by reducing alert fatigue. By focusing on real threats, security teams can respond more efficiently and avoid burnout.

6. Boost SOC Efficiency with Smart Automation

SOC Unlocked guest Joe Morrissey, who serves as an Incident Commander & Director of Threat Response at a Fortune 100 Financial Services Company, also spoke about the importance of automation as a supplement to human expertise, not a replacement. He points out:

"Automation is important, but we can’t automate everything... context still matters."

While automation helps manage alerts and repetitive tasks, human oversight is still essential. Awareness programs should focus on balancing automation with human judgment to ensure effective decision-making.

7. Don’t Neglect Your Internal Security Practices

Jeremy Ventura, Field CISO at Myriad360, shared a real-world example where an insider threat caused significant damage due to a lack of attention to internal security measures:

“They had a blind spot. And that blind spot was, what is actually going on internally within my network? What happens if I have a disgruntled employee?”

Clearly, awareness training must go beyond defending against external threats to include the risks of insider threats. Educating employees on monitoring internal behaviors, managing access control, and automating onboarding and offboarding processes are critical steps in minimizing these risks.

8. Develop Soft Skills to Improve Cross-Departmental Collaboration

Joe Morrissey shared the importance of soft skills, like communication and cross-departmental collaboration, as essential components of cybersecurity:

"Cybersecurity is a team sport... It’s about asking questions, communicating well, and working together."

While technical skills are crucial, the ability to communicate complex issues, share insights across teams, and collaborate efficiently can often be the difference between stopping a cyberattack and letting it slip through the cracks. Cybersecurity awareness programs should also focus on developing these interpersonal skills, as working effectively with colleagues, across departments, and even externally with vendors or partners is essential for a well-rounded security posture.

9. Align Security Efforts with Business Objectives

Jeremy Ventura also highlighted the need for aligning security with business objectives:

“Cybersecurity is not a technical issue. It is a business issue, a business risk, and the board needs to understand that as well.”

Cybersecurity awareness should extend beyond the IT department. Leadership must understand how cybersecurity risks affect business operations, emphasizing the need for awareness at all levels. Clear communication ensures that everyone in an organization, from IT staff to C-suite executives, understands the potential risks and necessary actions to mitigate them.

Cybersecurity Awareness is an Ongoing Effort

As we've heard from the expert guests on SOC Unlocked, cybersecurity awareness is far from a one-time initiative. It requires ongoing training, adapting to new and emerging threats, and reinforcing IT fundamentals. Building a culture of vigilance is critical—whether it involves developing soft skills, leveraging automation, or addressing internal risks.

At the end of the day, awareness is what keeps organizations resilient in the face of constantly evolving risks. And an AI-powered solution like Abnormal can supplement these efforts by adding an extra layer of protection, helping organizations detect and stop threats more efficiently. By combining a well-rounded awareness program with the right security solutions, companies can stay better prepared for whatever comes next.
