July 14, 2022

Train your employees how to be mean...(it's not what you think!)

Overall, most people are friendly by nature, and it’s socially awkward to NOT hold the door open for someone. Unfortunately, bad actors know this, and it’s a huge reason many social engineering attacks work.

We recommend including some role-playing elements in your training, because it’s one thing to have a “lunch and learn” talking about how not to let someone follow them through a locked door (known as tailgating), but it is another thing when they are actually presented with that situation and must make the choice between letting someone through or closing the door in their face.

Role-playing will allow people to practice without the awkwardness, and such training should include suggestions of things to say and do, such as “I’m sorry, but you will need to use your badge, so the security logs don’t get confused” or “I’m sure you are allowed in here, but let me take you by the reception desk so we can make sure you can get to where you need to go.” Once you give your staff these tools and skills, they are more likely to be assertive and use them when needed.

Authored by: David Matt, CISSP, CEH

You May Want to Read More:

The Scope of SARs - Something Old and Something New - WST

January 28th, 2021

Did you know that filing Suspicious Activity Reports...

In with the new year, out with the Flash - WST

January 21st, 2021

The writing has been on the wall for a while now ...

Back to Basics: Understanding Risk Concepts - WST

January 15th, 2021

People often make judgements and decisions about risk...

Keep your institution off the evening news.

Contact Us