The British Academy for Training and Development provides a training course in Information Security Preventive Measures to be adopted inside and outside institutions starting from employees. The Course is provided through updated curricula developed by the Academy management.
Threats on information security in institutions are derived from internal sources (employees) contrary to the belief that the greatest threat is derived from outsources. This is due to the fact that employees are able to access the company information at any time. On the one hand, despite the fact that access control mechanisms mitigate such threats, some employees are still enjoying full access to the stored data. On the other hand, continuous supervision on employees will result in raising mistrust feelings between managers and employees. This will affect the whole system of the company. In this case, companies can design a strategy recognizing their operational requirements, and the need to protect their assets. At the same time, companies can apply some information security preventive measures on the employees themselves.
In computer security, vulnerability is a weakness which can be exploited by a Threat Actor, such as an attacker, to perform unauthorized actions within a computer system. Vulnerabilities are the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness. In this frame, vulnerability is also known as the attack surface.
Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities.This practice generally refers to software vulnerabilities in computing systems.