It’s easier to trick a person than it is to “hack” a computer – if that weren’t true, security awareness programs wouldn’t be necessary. But with the continually increasing volume of threats targeting users instead of computers, security awareness programs are as vital as asset management in every cybersecurity strategy. For example, recent findings from Proofpoint on imposter scams such as business email compromise (BEC) and vendor email compromise (VEC) reveal that attackers continue to exploit the human element rather than vulnerabilities in an organization’s infrastructure.

Whether your utility has a dedicated security awareness program or are just trying to keep up with reminders, the 6th annual SANS Security Awareness Report is a must read. Along with enlightening analysis on the makings of a successful program, this years’ report includes downloadable tools to put the report insights into practice. And for even more timeless security awareness resources, review #8 – Create a Cybersecurity Culture in WaterISAC’s 15 Cybersecurity Fundamentals for Water and Wastewater Utilities. Access the 2021 Security Awareness Report at SANS.