Security awareness training in a corporate setting
Date
Authors
Major Professor
Advisor
Committee Member
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
The 2018 Verizon Data Breach Investigation report indicates that over 90% of common breaches start with a social engineering attack. While organizations are adding security awareness training programs, it is clear these programs are not working. Diverse workforces call for a variety of training options, and different ways to engage users. Programs must ensure users know how they will be contacted by IT staff, and what to do in different scenarios. Users may need to learn the fundamentals of computers and the Internet in order to understand and retain security awareness training. In this work, we propose an interactive security education training aimed at students and industry professionals. In order to reduce barriers to learning we implement our security training in the form of a recent and familiar entertainment form called an "escape room".