9. User Awareness Training
Ongoing security awareness training can have a positive impact on end-user behavior and, ultimately, reduce cybercrime costs, Ponemon said. Programs should not be one-off events, but a sustained series of events and other initiatives designed to build a strong culture of security among employees. Effective programs are designed to help end users gain control of the security and privacy in their personal lives. Once end users understand how to protect themselves from financially motivated cybercriminals, they can understand how important their actions are in protecting corporate resources, experts say.