From a survey, more than 70% of security incidents are happened because of human error. Mostly people with their knowledge on security awareness, click phishing mail links, lose USB drives or share the information with unauthorized person. Employees of every organization are unaware of how their information is shared and what their role in their organization is while it is about information security. This makes an organization to easily prone to vulnerability and cyber threats. So, security awareness is conducted and it is stimulated as a functioning human firewall.
Information security of an organization can be handled by their employees to make a big change. This is not applicable with just a policy and technology implementation. Each employee need to be aware of their work and how to secure the information. Thus security awareness makes it possible by acting accordingly. This is a program by which the employees are able to prevent and avoid security threads. Along with this awareness program, it is essential to have responsibility among the employees to secure information. Thus, other terms of security awareness are cyber awareness, information awareness and iConsciousness.
Mostly employees have a question that whose responsibility is information security? Isn’t it the responsibility of IT department? They work with the software and they have to be responsible for security thread. They have to protect the information with firewalls and virus scans. Even if everything is done, it needs security protection while using. There is a chance of security thread because of human errors done by employees. Security awareness is the process of training and education employees about all the IT security system. Awareness includes: