What’s the best guide to basic cybersecurity for employees?

Question

I&rsquo;d like a basic guide I can give to team members.Covering what are the most common attacks (eg gift card scams, invoicing fraud, phishing emails), and top prevention methodsDoes this exist?

jka · Accepted Answer

PagerDuty provide their security training materials for free online[1], and you can view and build them from source[2] if you like. They also accept contributions as GitHub pull requests.
[1] - https://sudo.pagerduty.com/
[2] - https://github.com/PagerDuty/security-training/

0xtaj · Answer

Amazon has a pretty good boilerplate here: https://www.aboutamazon.com/news/community/amazon-releases-f...

joop_dev · Answer

We had a week long of daily security related challenges ranging from easy to hard for everyone to participate. From simple sql injection and password encoding to buffer overflows. Some were coding exercises, others were open ended questions, googling encouraged. Every challenge gave a number of points and at the end of the week there would be some prices for the winners.
A lot of people participated and personally I learned a lot and had fun doing it.
May require some effort to set up, but then again these may already exist online.

muzani · Answer

For technical, it's the OWASP Top 10: https://owasp.org/www-project-top-ten/The site itself is clear enough to read on its own, but there are many other sites dedicated to explaining and training around it. It's frequently updated and up to date.

What’s the best guide to basic cybersecurity for employees?

I’d like a basic guide I can give to team members.
Covering what are the most common attacks (eg gift card scams, invoicing fraud, phishing emails), and top prevention methods
Does this exist?

PagerDuty provide their security training materials for free online[1], and you can view and build them from source[2] if you like. They also accept contributions as GitHub pull requests.
[1] - https://sudo.pagerduty.com/
[2] - https://github.com/PagerDuty/security-training/

Amazon has a pretty good boilerplate here: https://www.aboutamazon.com/news/community/amazon-releases-f...

For technical, it's the OWASP Top 10: https://owasp.org/www-project-top-ten/
The site itself is clear enough to read on its own, but there are many other sites dedicated to explaining and training around it. It's frequently updated and up to date.

What’s the best guide to basic cybersecurity for employees?

I’d like a basic guide I can give to team members.Covering what are the most common attacks (eg gift card scams, invoicing fraud, phishing emails), and top prevention methodsDoes this exist?

PagerDuty provide their security training materials for free online[1], and you can view and build them from source[2] if you like. They also accept contributions as GitHub pull requests.[1] - https://sudo.pagerduty.com/[2] - https://github.com/PagerDuty/security-training/

Amazon has a pretty good boilerplate here: https://www.aboutamazon.com/news/community/amazon-releases-f...

For technical, it's the OWASP Top 10: https://owasp.org/www-project-top-ten/The site itself is clear enough to read on its own, but there are many other sites dedicated to explaining and training around it. It's frequently updated and up to date.

I’d like a basic guide I can give to team members.
Covering what are the most common attacks (eg gift card scams, invoicing fraud, phishing emails), and top prevention methods
Does this exist?

PagerDuty provide their security training materials for free online[1], and you can view and build them from source[2] if you like. They also accept contributions as GitHub pull requests.
[1] - https://sudo.pagerduty.com/
[2] - https://github.com/PagerDuty/security-training/

For technical, it's the OWASP Top 10: https://owasp.org/www-project-top-ten/
The site itself is clear enough to read on its own, but there are many other sites dedicated to explaining and training around it. It's frequently updated and up to date.