Cybersecurity Awareness Training Program Second Edition
State, federal, and local laws require businesses to take reasonable steps to protect any personal information collected from customers, employees, or job applicants. These laws seek to prevent the occurrence of security breaches and identity theft. Employers and employees must be able to identify the different kinds of cybersecurity threats in the workplace, and recognize what protections are available against cyber attacks.
Applicable federal laws include the Identity Theft and Assumption Deterrence Act (ITADA), the Cybersecurity Act of 2015, the Health Insurance Portability and Accountability Act (HIPAA), the Computer Fraud and Abuse Act, the CAN-SPAM Act, and the Unlawful Access to Stored Communications Act.
In addition, effective May 25th, 2018, new European Union (EU) law regarding General Data Protection Regulation (GDPR) is a law on data protection and privacy that addresses the export of personal data outside of the EU and European Economic Area. It gives control to citizens and residents over their personal data, and any global entity that collects personal data online from anyone in the EU must follow the law. Failure to comply with applicable laws can result in penalties up to $10,000 per violation and/or costly lawsuits alleging negligence in failing to protect sensitive personal information.
Sixty-six percent of all cyber breaches are caused by current employees, and employers can be held liable if a court of law finds that they were negligent in taking reasonable steps to prevent the theft or breach from occurring. As such, a comprehensive cybersecurity awareness training program is a company’s best defense to help identify the different kinds of cybersecurity threats in the workplace, and recognize what protections are available against cyberattacks, as well as perform the responsibilities expected of them.
Employers must create clear and comprehensive company policies on cybersecurity while following the Federal Trade Commission’s (FTC) Ten-Step Approach in formulating effective cybersecurity guidelines. Recent security breaches involving Uber and Chilli’s have increased awareness on the importance of cybersecurity and prevention. Cyber incidents have increased 32 percent in 2018 from 2017, including a 13 percent increase in data theft. This figure will only increase if companies are unprepared.
In 2017, there were 16.7 million victims of identity fraud. Criminals are engaging in complex identity fraud schemes that are leaving record numbers of victims. However, identity theft has consequences beyond the loss of data and personal information—it can take a lot of time and money to resolve and can bring emotional distress. As such, 22 percent of identity theft victims have had to take time off of work as a result.
A new Ponemon study analyzed the cost of breaches involving more than one million records. The estimated cost is $40 million, which rises to $350 million if there are over 50 million records involved. It was found that the biggest cost of these data breaches is the loss of customers, which is estimated at $118 million for a breach involving 50 million records.
To help our valued customers demonstrate compliance with applicable laws and mitigate their liability in the event of a cyber attack, Personnel Concepts has revised the easy-to-use Cybersecurity Awareness Training Program. Our exclusive program is designed to help businesses deliver effective, up-to-date prevention training to help employers and employees identify the different kinds of cybersecurity threats in the workplace and recognize the protections available against such attacks. The 2nd edition now includes information regarding unsecured WiFi networks, mobile device and laptop security, and social engineering scams.
Created by our team of certified instructional designers and compliance specialists, this program features a pre-written PowerPoint presentation, an easy-to-use facilitator’s guide, documentation forms to demonstrate compliance, and quizzes to demonstrate full comprehension from all attendees.
Who Needs It
All employers with one or more employees on payroll must take reasonable steps to protect any personal information collected from employees, customers, or job applicants. Employee training that is comprehensive, easy-to-understand, and fully up-to-date is the most effective way to fulfill this legal obligation.
Good Faith Compliance
Employers must create clear and comprehensive company policies on cybersecurity while following the FTC’s Ten-Step Approach in formulating effective cybersecurity guidelines. A comprehensive cybersecurity awareness training program is a company’s best defense to help employers and employees identify the different kinds of cybersecurity threats in the workplace, and recognize what protections are available against cyber attacks, as well as perform the responsibilities expected of them.
If you’re not completely satisfied, you can return it within 30 days from the original date of purchase for a full refund, less shipping and handling.
Our Cybersecurity Awareness Training Program (2nd Edition) includes:
- A revised Facilitator’s Guide that can guide anyone at any experience level through the delivery of the training presentation
- A pad of 10 Training Acknowledgment Forms to document each employee’s attendance and participation
- A pad of 10 Training Quizzes to document employee comprehension of the training material
- A pad of 10 Job Aids on How to Protect Sensitive Information
- Access to digital resources including:
o The training presentation in both PowerPoint & PDF format
o FTC’s 5-Step Guidelines on Cybersecurity Handout
o Training Attendance Forms
o Training Acknowledgement Forms
o Quiz and Answer Key
o “How to Protect Sensitive Information” Job Aid for Employees