The majority of enterprise attacks, they say, start with email phishing or a socially-engineered attack, and although most organizations (UVA included) invest much time, money, and expertise in training employees how to identify and avoid these, the success of the training is still limited.
Wright and Johnson are studying social networking at work: finding out who our work friends are, who we ask for IT advice, and how our teams are connected to other teams. Working on the premise that high-performing teams bring all members up to a high-performing level, even in matters of smart cybersecurity behaviors, they say a lot can be learned by studying those high-performing teams.
In short, Wright says, they’re “bringing IT knowledge to the team level rather than directing people to IT.”
See more about the project here. (It’s really interesting!)
UVAFinance will participate in this research project starting mid-April, with an aim of having at least 80% of our teams complete the survey distributed by Wright and Johnson. The high completion rate is necessary for the data to be meaningful. No results will be made public, and no individual names of participants will be collected.
In return for participation, the research team will provide UVAFinance with useful data that can help us protect our data and better train our people.
When the surveys launch later this spring, we strongly encourage our team members to participate, so that the necessary 80% or more response rate is met.
Look for more information coming within your unit soon, and thanks in advance for taking part!