Stop the Insanity! Why Healthcare Organizations Need to Take a New Approach to Cybersecurity & Data Privacy Training
Rebecca L. Rakoski, managing partner at XPAN Law Partners and Sajed Naseem, Chief Information Security Officer (CISO) from NJ Courts is presenting this engaging webinar. Employees are one of an organization’s greatest strengths, but also its greatest weaknesses. For years cybersecurity and data privacy advocates have been arguing that training employees is the only way to safeguard the organization. This is especially true in the healthcare arena where HIPAA training is required. However, these same healthcare organizations engage in training for their employees only to stare down the barrel of a data breach caused by one of those trained employees.The question becomes, why do we continue to repeat the same exercise expecting a different outcome?
In addition, the global pandemic has caused many businesses to operate remotely. And while we all hope that the world will return to “normal”, the fact is that many businesses may choose to continue to operate with at least a portion of their employees being remote. This causes another operational hurdle for IT and IT security professionals. Simply put, the basic “people problem” needs to be re-defined and updated using science.
This presentation will explain how training, in a traditional method, is a complete failure. We will discuss how using this traditional method of training can cause greater liability and threats to an organization. Finally, we will review how measuring an employee’s Knowledge (K), Attitude (A), and Behavior (B) (“KAB”) toward cybersecurity can help to create tailored solution for cyber awareness training and provide a workforce the weapons they need to effectively stave off cyberthreats.
This webinar will cover the following objectives:
1. Understand issues with training
2. Understand ways to address those issues
3. Next Steps