Page 60 - Cyber Defense eMagazine September 2018
P. 60
60
Reinforcement
Reinforcement is the last step in the Rampart de Troika. Because unused skills lose their effectiveness, a
company must not only actively test its staff with social engineering cold calls, phishing emails and chance
meetings, but also notify employees that it will test them to ensure retention.
As in most cases, an important part of reinforcement is emphasizing the positive through incentives. Those
who follow the proper protocol in response to any security incident should be rewarded with recognition. A
mention in the company newsletter, an email, gift card or any other form of acknowledgement is satisfactory
in letting the user know they are doing the right thing. It is imperative that organization leaders recognize staff
if they do the right thing, catch a mistake or foil a social engineering attempt. The ultimate result is that the
staff member is recognized, other staff recognize what positive behavior is and follow the example and
potential insider threats take note and reconsider any negative actions.
About the Author
Daniel “Dan” Jetton is the Vice President of Cyber Services for OBXtek.
He is responsible for leading and defining cyber strategy while ensuring
security, defense and risk mitigation for his clients.
OBXtek’s accomplished teams have an established reputation for
consistently and efficiently achieving goals for its portfolio of federal
government customers. Dan Jetton, MBA, MS, MA is a CISSP, CAP and
PMP with 20 plus years of military service.
He can be reached online at https://www.linkedin.com/in/danieljetton/
and at the OBXtek website http://www.obxtek.com/.
You can follow him on
Twitter @CyberPhalanx for cybersecurity news.
